This is my SSH jail config from Plesk fail2ban UI
[ssh]
enabled = true
filter = sshd
action = iptables[name=SSH, port=ssh, protocol=tcp]
logpath = /var/log/secure
maxretry = 5
From /var/log/secure i still seeing an IP brute forcing SSH service on random ports.
>Failed password for root from xx.xx.xx.xx port 39132 ssh2
>Failed password for root from xx.xx.xx.xx port 37461 ssh2
...
any idea? thanks!
[ssh]
enabled = true
filter = sshd
action = iptables[name=SSH, port=ssh, protocol=tcp]
logpath = /var/log/secure
maxretry = 5
From /var/log/secure i still seeing an IP brute forcing SSH service on random ports.
>Failed password for root from xx.xx.xx.xx port 39132 ssh2
>Failed password for root from xx.xx.xx.xx port 37461 ssh2
...
any idea? thanks!