Here is a screen grab of ‘grep “Failed password” /var/log/auth.log’ for reference: https://imgur.com/a/G2bwrZO
I have the port range 30999:59999 set to DENY IN from ANYWHERE for udp and tcp traffic, yet I’m still receiving login attempts within the ranges of blocked ports.
Can anybody spot a misconfiguration, or perhaps explain what I’m missing with UFW?
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Click below to sign up and get $100 of credit to try our products over 60 days!