Skip to main content

Large Number of Failed Logins

Comments

5 comments

  • triantech
    Hello, Are these attempting to connect to your SSH service ? if so, Changing the default port number would be a very good option here.
    0
  • chasmcg
    ]Hello, Are these attempting to connect to your SSH service ? if so, Changing the default port number would be a very good option here.

    Yes, the port number has been changed. But the attempts keeps coming. I have about 5 domains on my server. They're trying to FTP in as well on all domains. Thanks for your reply.
    0
  • quizknows
    cHHulk only "protects" cPanel services. I would recommend CSF/LFD for automated blocking of IP addresses with excessive failed logins.
    0
  • cPanelMichael
    Hello :) Yes, you will need to block those IP addresses with a firewall such as CSF. Note there are plans to implement blocking features in cPanel version 11.48: [url=http://features.cpanel.net/responses/as-a-server-administrator-i-want-cphulkd-to-better-mitigate-brute-force-attacks-so-that-i-can-enhance-security-on-my-system]cPHulkd to better mitigate Brute Force Attacks | cPanel Feature Requests Thank you.
    0
  • chasmcg
    Thanks, guys, for the replies. I'm currently using APF as my firewall. Will look at CSF/LFD as an alternative. Also, if CPanel implements something to block IPs as they come in that would be great. Maybe block countries, even. The failed logins stopped for a day or so but they've started again.
    0

Please sign in to leave a comment.