1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

Brute Force Attacks

Discussion in 'Plesk 10.x for Linux Suggestions and Feedback' started by DanTron, Sep 22, 2011.

  1. DanTron

    DanTron New Pleskian

    12
    85%
    Joined:
    Sep 22, 2011
    Messages:
    5
    Likes Received:
    0
    My Plesk 10.1.1 server is now CONSTANTLY being hammered for failed ssh, ftp, imap, pop3, smtp login attempts.
    The attacks come from IPs all over; China, Portugal, Mexico, Uzbekistan, etc.

    I've installed fail2ban to block ssh and ftp...

    BUT something like fail2ban should be in Plesk. Brute Force attacks are VERY common these days.

    There should be something in Plesk to auto-ban IP address that fail login attempts more than X times in X minutes ON ANY SERVICE (ssh, ftp, imap, pop3, smtp, Plesk Admin Panel, etc.)

    AND it should notify the sys-admin via email what IP's are being banned, geo-locate the IPs, and allow the admin to override a ban or remove an IP ban when a client just messes up too many times or manage a whitelist/blacklist.
     
  2. EdwardDekker

    EdwardDekker Guest

    0
     
    Block some ports and get secured by PCI Compliance

    Hi,

    * As i read you'll should be block port 22 at first. This by disable root access and portnumber into the config file of shhd.
    Set up you firewall and go to virtuozzo or paralells automation and select the firewall and change your shh portnumber.

    * Follow these insturctions at http://download1.parallels.com/Plesk/PP10/10.3.1/Doc/en-US/online/plesk-pci-compliance-guide.
    Now you should be save for a time.

    Good luck!
     
    Last edited by a moderator: Sep 23, 2011
  3. lvalics

    lvalics Silver Pleskian Plesk Guru

    36
    43%
    Joined:
    Jun 20, 2003
    Messages:
    965
    Likes Received:
    32
    Location:
    Romania
    Try to use a better firewall that integrated into PLESK. Use CSF or APF those are good enough.
     
Loading...