• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Block Attacking IPs

Y

ylon

Basic Pleskian
Is there a way to "detect" when a certain attacker is trying an attack and block this ip? For example, today I was watching my logs (seem to be doing more and more... :) and saw someone trying to brute force into ssh. I subsequently grabbed their ip and blocked that with the firewall, however I would like a way to automate this so that anyone who is hitting the server multiple times for any reason such as ftp login, e-mail, etc. and is unsuccessful will be blocked in the future. How can I do this?
 
Yes you can install a BFD .. Brute force detection and have it automallicy add any brute force activitly ips to your firewall but you will need to get APF firewall as well too ..

It will not break Plesk if you install it but be careful not to lock yourself out if you install it remotely and also be sure to open up the port 8443 so you can get into Plesk Control Panel ..

You can set BFD to email you every time it detects it and inform you that it have added the (ip address) into the APF firewall..

Bill
 
You must log in or register to reply here.

Similar threads

T
Resolved SECURITY - attack surface : ports 7080 and 7081
2
Replies
30
Views
11K
2dareis2do
2
T
Question Using an external firewall to block Plesk ports
Replies
3
Views
699
thinkjarvis
T
michaeljoseph01
Question Imunify360 or fail2ban PLEASE give me your input
Replies
6
Views
2K
The 8th
The 8th
M
Issue Windows Firewall Blocked all IP Accidentally
Replies
0
Views
2K
mohit115
M
michaeljoseph01
Question How to block non-mail traffic to certain ip?
Replies
1
Views
684
MarkM
MarkM
Back
Top