Related

Bruteforce attack through our server Question Question
Missing Droplet after Suspend 1 day Question Question

Question

Should I Afraid? (Someone trying to connect my ssl)

Posted October 12, 2017 2.5k views
CentOSServer Optimization

hi,5 minutes ago, I login to my VPS with username and password.
And there was a message that: “There were 142453 failed login attempts since the last successful login.” (i login last night)

what should I do? someone is trying to find my password.
how can I solve this problem?

Add a comment
cagkana9f5cd873f5b8188e469
By:
cagkana9f5cd873f5b8188e469

Related

Bruteforce attack through our server Question Question
Missing Droplet after Suspend 1 day Question Question

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
2 answers
snapshooter October 12, 2017

Yeah, people will always try to brute force there way into your servers.

Digital Ocean has a good guide on how to initial setup a server which covers securing SSH further than the default.

https://www.digitalocean.com/community/tutorials/initial-server-setup-with-ubuntu-16-04

Key Points

  • Use Public Key Authentication
  • Create a new user and disallow root login
  • Install Fail2Ban

You could change your SSH port but there is a bit of debate around that and personally, I leave it as default.

Initial Server Setup with Ubuntu 16.04
by Mitchell Anicas
When you start a new server, there are a few steps that you should take every time to add some basic security and give you a solid foundation. In this guide, we'll walk you through the basic steps necessary to hit the ground running with Ubuntu 16.04.
Reply Report
aseemr October 12, 2017

Switch to a nonstandard SSH port
Disable password based authentication
Deploy fail2ban

Reply Report

Related

Looking for something else?

Ask a new question Search for more help