Question

Should I Afraid? (Someone trying to connect my ssl)

hi,5 minutes ago, I login to my VPS with username and password. And there was a message that: “There were 142453 failed login attempts since the last successful login.” (i login last night)

what should I do? someone is trying to find my password. how can I solve this problem?

Subscribe
Share

Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Yeah, people will always try to brute force there way into your servers.

Digital Ocean has a good guide on how to initial setup a server which covers securing SSH further than the default.

https://www.digitalocean.com/community/tutorials/initial-server-setup-with-ubuntu-16-04

Key Points

  • Use Public Key Authentication
  • Create a new user and disallow root login
  • Install Fail2Ban

You could change your SSH port but there is a bit of debate around that and personally, I leave it as default.

Switch to a nonstandard SSH port Disable password based authentication Deploy fail2ban