How to limit Login Attempts on VPS?
- Thread starter hoangvu
- Start date
Web Marketing Tool
New member
- Joined
- Apr 30, 2016
- Messages
- 41
- Points
- 0
Do you mean SSH logins or logins to your CPanel or something else? If you mean SSH I would suggest instead using RSA key authentication, which I can send instructions on how to setup. Using RSA key you would have a key stored on your computer that is required to connect to the server via SSH or FTP. This puts an end to any brute force attacks as they don't have your key. Why have a needless door, better have a solid concrete wall.
If you are interested in how to do this please let me know your version of Linux. If it is CentOS then I have home court advantage, but if not I can still help you find good instructions. Just send me a PM so I know to respond. I'll respond to your PM here for the benefit of everyone else visiting the forum.
If you are interested in how to do this please let me know your version of Linux. If it is CentOS then I have home court advantage, but if not I can still help you find good instructions. Just send me a PM so I know to respond. I'll respond to your PM here for the benefit of everyone else visiting the forum.
laceibanet
New member
- Joined
- Feb 23, 2016
- Messages
- 43
- Points
- 0
Depends what you have on your vps. You can use ip tables to limit ip from accessing your vps, or if you have a cpanel you can use cphulk which is included with the panel. This can block ip for you after a number of failed login attempts, you can also use it as a black and white list to block or allow ip to connect respectively.
A good practive for a ssh brute force is to switch up the vps default ssh port to something other than the default 22. This can help with securing your server a bit better
A good practive for a ssh brute force is to switch up the vps default ssh port to something other than the default 22. This can help with securing your server a bit better
Mike_Brown
New member
- Joined
- May 5, 2016
- Messages
- 22
- Points
- 0
The most secure solution is to modify your /etc/ssh/sshd_config file. You can add the following line to restrict user logins to the IP addresses you trust:
AllowUsers *@127.0.0.1 *@127.0.0.2
Follow that trend to add additional IP addresses. Simply add that line to the bottom of the file and it should work as expected.
AllowUsers *@127.0.0.1 *@127.0.0.2
Follow that trend to add additional IP addresses. Simply add that line to the bottom of the file and it should work as expected.
Last edited:
Delimiter
New member
- Joined
- May 11, 2016
- Messages
- 11
- Points
- 0
Sounds like you need fail2ban.
You can configure how you like, but I think the default rule set is something like if you get 5 failed login attempts the IP gets banned for an hour. I usually tweak this so that if you get 5 failed login attempts, you're banned forever.
I'd also recommend using key-based authentication and disabling password auth. If you switch to using keys to login it's much more secure and will stop pretty much any brute force attempt. Another thing that helps is switching the default SSH port to something other than 22.
You can configure how you like, but I think the default rule set is something like if you get 5 failed login attempts the IP gets banned for an hour. I usually tweak this so that if you get 5 failed login attempts, you're banned forever.
I'd also recommend using key-based authentication and disabling password auth. If you switch to using keys to login it's much more secure and will stop pretty much any brute force attempt. Another thing that helps is switching the default SSH port to something other than 22.
Older threads
Newer threads
Latest threads
Recommended threads
Similar threads
- Sticky
Referral contests
-
Refer Your Friends to WebmasterSun to Win Cash and Prizes!
$100 to your Paypal
300 Trophy Points
1 banner ad 728x 90
Referral link for :
