After having a new MediaTemple (dv) 4.0 [Plesk 10.1.1] for less than a week my log files were being filled with ssh, ftp, pop3, imap, failed login attempts from IP addresses in China, Portugal, etc.
Brute Force attacks are becoming more and more common, yet Plesk 10 has no security against such attacks. Using strong passwords is a good idea but I can't enforce it for EVERY user and client... clients throw a hissy fit when they have to remember passwords like Fb*@<['-7e^( 8f
I've taken the next step and installed fail2ban to scan log files and ban IP addresses that are hammering my server.
I've got it working scanning the /var/log/secure file for failed sshd and proftpd attempts BUT
I can't find where the Plesk Admin Panel stores it's log of failed attempts. I want to ban IPs that may try to brute force the Admin Panel.
1) Where does Plesk store logs for the Admin Panel?
2) WHY is there not a system already in Plesk to help with this MAJOR issue?
There should be an fail2ban equivalent in Plesk with email notification to the system admin when someone is trying to hack their system.
Any help is greatly appreciated.
Cheers
Brute Force attacks are becoming more and more common, yet Plesk 10 has no security against such attacks. Using strong passwords is a good idea but I can't enforce it for EVERY user and client... clients throw a hissy fit when they have to remember passwords like Fb*@<['-7e^( 8f
I've taken the next step and installed fail2ban to scan log files and ban IP addresses that are hammering my server.
I've got it working scanning the /var/log/secure file for failed sshd and proftpd attempts BUT
I can't find where the Plesk Admin Panel stores it's log of failed attempts. I want to ban IPs that may try to brute force the Admin Panel.
1) Where does Plesk store logs for the Admin Panel?
2) WHY is there not a system already in Plesk to help with this MAJOR issue?
There should be an fail2ban equivalent in Plesk with email notification to the system admin when someone is trying to hack their system.
Any help is greatly appreciated.
Cheers
Last edited: