Question
I'm told there were 47183 failed login attempts since the last successful login.
I logged in today and saw “There were 47183 failed login attempts since the last successful login.”
What precautions should I be taking?
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
×
Bump this up. I also just saw a client’s vps has 116097 failed login attempts since the last successful login.
This does appear like a hacker trying to break into D.O. boxes, as there appear to be several similar threads in this same forum.
Edit: Seem to mostly be those with port 22 open. I would ensure you have the latest Open SSL packages, with remote password-login for root disabled (only use pubkey authentication, with a password). If possible, white-list 22 port to known IP addresses using your firewall.