• Introducing WebPros Cloud - a fully managed infrastructure platform purpose-built to simplify the deployment of WebPros products !  WebPros Cloud enables you to easily deliver WebPros solutions — without the complexity of managing the infrastructure.
    Join the pilot program today!
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.

Warning about using Webmin (port 10000)

J

jamesyeeoc

Guest
For those of you out there who have decided to use Webmin on your Plesk server, be advised that several of my honey pot servers have (the last couple of days) been showing signs of dictionary and brute force password attacks happening.

So if you have not already done so (and I *know* you're out there), you should make sure the interface is only accessible from your IP instead of from all/any IPs....

Make sure (obviously) that you have a *strong* password.

Maybe change the default port from 10000 to some other port.

I just love seeing what they try to do when they find a (sacrificial) server which looks exploitable or hackable..... rofl

...and all they're doing is giving me logs full of their IP addresses to report....
 
This happens nightly to my ssh and ftp ports, all they accomplish is filling my logs with denied entries.. ug..
 
Yeah, I figured those occur all the time, so I don't worry about that, but it's not often I see anyone latch onto port 10000 and try to break a password (not as commonly anyways).

You aren't still running your SSH on the default port are you? (if you are, then shame on you!) :)
 
Edit the /etc/ssh/ssh_conf file (or wherever it is on your particular server) and change the Port line to a different number, then restart the sshd service
 
I run mine on the default port, since finding SSH on another port is trivial. A more robust solution would be to use RSA/DSA public key authentication. Then you can disable password authentication completely, so they can try and brute force the port until the cows come home, it would never work.
 
You must log in or register to reply here.

Similar threads

L
Issue Your connection is not private
Replies
1
Views
599
AYamshanov
AYamshanov
E
Issue shared ip ports dont work
Replies
1
Views
2K
scsa20
scsa20
B
Issue High latency, unreliable performance & 522 errors on a Plesk server that ran fine for 6+ months
Replies
8
Views
2K
HHawk
HHawk
D
Resolved SUPER WEIRD port issue
2
Replies
21
Views
4K
DenizGelion
D
T
Resolved SECURITY - attack surface : ports 7080 and 7081
2
Replies
30
Views
23K
2dareis2do
2
Back
Top