• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Block Attacking IPs

ylon

Basic Pleskian
Is there a way to "detect" when a certain attacker is trying an attack and block this ip? For example, today I was watching my logs (seem to be doing more and more... :) and saw someone trying to brute force into ssh. I subsequently grabbed their ip and blocked that with the firewall, however I would like a way to automate this so that anyone who is hitting the server multiple times for any reason such as ftp login, e-mail, etc. and is unsuccessful will be blocked in the future. How can I do this?
 
Yes you can install a BFD .. Brute force detection and have it automallicy add any brute force activitly ips to your firewall but you will need to get APF firewall as well too ..

It will not break Plesk if you install it but be careful not to lock yourself out if you install it remotely and also be sure to open up the port 8443 so you can get into Plesk Control Panel ..

You can set BFD to email you every time it detects it and inform you that it have added the (ip address) into the APF firewall..

Bill
 
Back
Top