• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Does Plesk admin login block brute force attacks, or do i need fail2ban

Dan Mikkelsen

Basic Pleskian
Hi

I have installed fail2ban and it is successfully blocking bruteforce attacks on SSH, but what about bruteforce attempts on the plesk admin login? Does plesk take some precautions on this? (if not, that might be a suggestion). Or should 3rd party applications be used for this, because i have no idea on how to set up fail2ban for this (not a linux pro unfortunately), but it seems to be the application of choice for this.
 
Thanks, but this just let me block specific IP addresses. What I was concerned about was if Plesk automatically blocks attempts for some minutes or so when you have entered the wrong information enough times. Or can a person keep trying until I block him myself after checking logfiles (which isn't often).
 
mysql> select * from misc where param='lock_attempts';
+---------------+-----+
| param | val |
+---------------+-----+
| lock_attempts | 5 |
+---------------+-----+
1 row in set (0.00 sec)

Only 5 attempts of login is allowed.
 
You should still look into using something like denyhosts, mod_evasive, fail2ban or something like that - otherwise an attacker could just keep trying once they get unlocked, or worse, keep trying for every and the admin account will always be locked in that you cant get in anymore.
 
hvae it look at the logs, I think the acces_log or error_log should log failed login attempts
 
Back
Top