How to block Brute Force Attacks?

Chris Worner · Feb 17, 2020

I am getting more Brute Force Attacks on my server. Which tools can help me to block them?

castordor · Feb 17, 2020

There is options for that in CSF firewall configurations if you use it.

GoMummy-GM · Feb 18, 2020

If you have cpanel installed on your server you can easily mitigate such attacks with CPhulk tool in WHM.

mobin · Feb 20, 2020

What kind of brute-force attack you mean...is it against services like SSH, FTP, etc or against web apps like Wordpress, Joomla, etc ?

UWH-David · Feb 20, 2020

There are many things to consider depending on the type of attack. Is it a network layer attack, application layer, etc. If it is against a WordPress install, for example, you can defend against this top-down. Placing the website behind Cloudflare can provide some protection. Setting up your firewall to detect brute force attacks against ModSecurity rules or flooding against a port, and finally, there are plugins available for scripts like WordPress such as WordFence which provide an additional layer of brute force defense.

Akshay_M · Feb 21, 2020

Chris Worner said:
I am getting more Brute Force Attacks on my server. Which tools can help me to block them?

Use 128-bit or higer encryption. Use a good encryption method. Good way of communication of keys. Have a limit of how many times a person can try a password. Use 2 way or higher encryption method. Something you have, something you know, someone you are. You can use these three as a password as there are the basics.

Require · Feb 27, 2020

As I am fairly new to the IT world I don't know much but I am learning a lot from this forum one thing I learn't in school is have have a good password one upper case lower case with a mixer of and letters & symbols like @!@ and numbers just to make it more secured.

Adam Stokes · Mar 23, 2020

Here are few small tips you can implement for Brute force attacks

Protect yourself with very long passwords and complex characters
Consider the multi factor authentication for users
You can also implement some of the hardware-based security protocols.
Remote extra sensitive data from the network and isolate it

Chris Worner · Mar 23, 2020

Adam Stokes said:
You can also implement some of the hardware-based security protocols

Adam Stokes said:
Remote extra sensitive data from the network and isolate it

Can you elaborate these? give some examples or explaining in details?

Adam Stokes · Mar 24, 2020

You can consider using RDP like services but again it is again vulnerable so using tools such as Bromium Protected App offers capabilities for hardware-enforced isolation of remote desktops and XenApp clients.

hostguy · Apr 20, 2021

You can install CSF firewall on your server and block IP addresses from which you are detecting the attacks.
Also you can install OWASP modsecurity rules and create or modify rules according to your need, this will also help to secure your server from unwanted attacks.

How to block Brute Force Attacks?

Well-known member

Well-known member

Member

Well-known member

Member

Member

Active member

Active member

Well-known member

Active member

Member

Sponsors

Tag Cloud