How to block Brute Force Attacks?

Chris Worner

Well-known member
Registered
Joined
Apr 15, 2016
Messages
612
Points
28
I am getting more Brute Force Attacks on my server. Which tools can help me to block them?
 

castordor

Well-known member
Registered
Joined
Apr 21, 2018
Messages
154
Points
28
There is options for that in CSF firewall configurations if you use it.
 

Chris Worner

Well-known member
Registered
Joined
Apr 15, 2016
Messages
612
Points
28
Chris Worner
Where to find this option?
Can you show me a screenshot?
 

castordor

Well-known member
Registered
Joined
Apr 21, 2018
Messages
154
Points
28
castordor
What panel are you using? cPanel and Directadmin both have a plugin which you can install for CSF firewall. After installing the plugin, you can go to configuration options link.
 

mobin

Well-known member
Registered
Joined
Jun 22, 2017
Messages
234
Points
28
What kind of brute-force attack you mean...is it against services like SSH, FTP, etc or against web apps like Wordpress, Joomla, etc ?
 

Chris Worner

Well-known member
Registered
Joined
Apr 15, 2016
Messages
612
Points
28
Chris Worner
I received reports like this

Brute-Force Attack detected in service log from IP(s) 195.231.3.188

In the details

A brute force attack has been detected in one of your service logs.

IP 195.231.3.188 has 123 failed login attempts: dovecot1=123
 

UWH-David

Member
Registered
Joined
Jan 18, 2016
Messages
45
Points
8
There are many things to consider depending on the type of attack. Is it a network layer attack, application layer, etc. If it is against a WordPress install, for example, you can defend against this top-down. Placing the website behind Cloudflare can provide some protection. Setting up your firewall to detect brute force attacks against ModSecurity rules or flooding against a port, and finally, there are plugins available for scripts like WordPress such as WordFence which provide an additional layer of brute force defense.
 

Akshay_M

Member
Registered
Joined
Nov 15, 2019
Messages
44
Points
8
I am getting more Brute Force Attacks on my server. Which tools can help me to block them?
Use 128-bit or higer encryption. Use a good encryption method. Good way of communication of keys. Have a limit of how many times a person can try a password. Use 2 way or higher encryption method. Something you have, something you know, someone you are. You can use these three as a password as there are the basics.
 

Require

Active member
Registered
Joined
Feb 12, 2020
Messages
68
Points
6
As I am fairly new to the IT world I don't know much but I am learning a lot from this forum one thing I learn't in school is have have a good password one upper case lower case with a mixer of and letters & symbols like @!@ and numbers just to make it more secured.
 

Adam Stokes

Active member
Registered
Joined
Mar 19, 2020
Messages
83
Points
6
Here are few small tips you can implement for Brute force attacks
  • Protect yourself with very long passwords and complex characters
  • Consider the multi factor authentication for users
  • You can also implement some of the hardware-based security protocols.
  • Remote extra sensitive data from the network and isolate it
 

hostguy

Member
Registered
Joined
Sep 9, 2020
Messages
49
Points
6
You can install CSF firewall on your server and block IP addresses from which you are detecting the attacks.
Also you can install OWASP modsecurity rules and create or modify rules according to your need, this will also help to secure your server from unwanted attacks.
 
Older Threads
Replies
5
Views
1,728
Replies
12
Views
2,992
Replies
3
Views
1,641
Replies
7
Views
2,877
Newer Threads
Replies
33
Views
8,427
Replies
28
Views
7,177
Replies
6
Views
2,508
Replies
3
Views
1,536
Latest Threads
Replies
1
Views
21
Replies
0
Views
174
Replies
1
Views
37
Replies
2
Views
81
Recommended Threads
Replies
1
Views
2,430
Replies
7
Views
1,919
Replies
3
Views
3,363
Replies
9
Views
4,623
Similar Threads

Latest postsNew threads

Latest Hosting OffersNew Reviews

Sponsors

Tag Cloud

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.

Top