1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

Block Attacking IPs

Discussion in 'Plesk for Linux - 8.x and Older' started by ylon, Feb 18, 2005.

  1. ylon

    ylon Basic Pleskian

    Apr 28, 2007
    Likes Received:
    Is there a way to "detect" when a certain attacker is trying an attack and block this ip? For example, today I was watching my logs (seem to be doing more and more... :) and saw someone trying to brute force into ssh. I subsequently grabbed their ip and blocked that with the firewall, however I would like a way to automate this so that anyone who is hitting the server multiple times for any reason such as ftp login, e-mail, etc. and is unsuccessful will be blocked in the future. How can I do this?
  2. CBiLL

    CBiLL Guest

    Yes you can install a BFD .. Brute force detection and have it automallicy add any brute force activitly ips to your firewall but you will need to get APF firewall as well too ..

    It will not break Plesk if you install it but be careful not to lock yourself out if you install it remotely and also be sure to open up the port 8443 so you can get into Plesk Control Panel ..

    You can set BFD to email you every time it detects it and inform you that it have added the (ip address) into the APF firewall..