Question Huge amount of failed login attempts?

[Colonel36]

Server operating system version

Ubuntu 20.04

Plesk version and microupdate number

Plesk Obsidian18.0.57

I've just noticed in the logs there a huge amount of failed logins from different ip addresses.
I've got Fail2ban active, but what are the most secure settings I should have.

In addition, I have multi factor active.
When I try to change my password to a stronger one, it constantly says it doesn't recognised the old one, even I checked it time and time again and can always login with it?
Thanks in advance.

 

[Kaspar]

I've just noticed in the logs there a huge amount of failed logins from different ip addresses.
I've got Fail2ban active, but what are the most secure settings I should have.

Fail2ban and MFA should be plenty. But if you want you could also consider:

• Limit access to Plesk to your own IP's
  More information can be read here
  This is only really useful if you have an internet connection with a static IP or use VPN with a static IP.
  
  
• Run Plesk on a different port
  More information can be read here
  This does requires a bit technical knowledge to configure.
  
  
• Disable admin access to Plesk for the Root user
  More information can be read here

When I try to change my password to a stronger one, it constantly says it doesn't recognised the old one, even I checked it time and time again and can always login with it?

Do you login as root or as admin to Plesk?
Root is considered an alias of the admin user, however you can only change the password via Plesk fot the admin user, not for root user.

 

[Colonel36]

Thanks.
I didn't know I had an admin user account?
Can you inform me how I could access them?

 

[Kaspar]

Can you inform me how I could access them?

Sure. Connect via SSH or use the SSH terminal in Plesk and run the command Plesk login . This wil generate a temporary login URL for the admin user. After accessing the temporary login URL, you can set (change) a password for the admin user.