Hi to all, I´m new to Linux and I´m using some servers in Digital Ocean to learn.
I´m suffering continuous login attempts from Chinese IPs and I would like to ban all of them. Or at least ban anyone failing to log for several times in a short period of time.
What is the best way to do this? I readed about fail2ban but I would like to know what do you think before configuring.
Thks for your time.
Hi Luis,
For me, fail2ban is the best option to do this job. There is an article explained how to install and configure on https://www.digitalocean.com/community/tutorials/how-to-protect-ssh-with-fail2ban-on-ubuntu-14-04.
Best regards,
Alberto
Hello,
You can ban each IP listed by doing something similar to:
sudo fail2ban-client -vvv set JAIL banip WW.XX.YY.ZZ
Or perhaps UFW:
sudo ufw deny from {ip-address-here} to any
Thks benrebla,
The problem is that this chinese stuff is quite resilient: they will keep trying different ips... how could I ban a hole country !?
I really don´t understand why Digital Ocean hasn´t some standard solution in place: this is becoming a major issue for lots of people...
