MyBB Community Forums

MyBB Community Forums > Community > General Discussion > Web Development and Administration > What can I do?
Full Version: What can I do?
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

cohen

2011-05-11, 08:24 AM
Hey guys,

I am in need of some help. I got a VPS and have had it for about a month and since then i have had heaps of e-mails regarding failed logins on a few accounts (which are not on my VPS) as well as the root (system) account.

These attempted logins have been from various countries.

My question is - what can I do to prevent attempts like this and improve the security on my VPS.

Any help and advice would be greatly appreciated.

Thanks,
Cohen

Alex Smith

2011-05-11, 08:40 AM
http://www.configserver.com/cp/csf.html

Has UI integrations with cPanel and DirectAdmin if you use either of those. But, either way should probably help you out.

cohen

2011-05-11, 08:43 AM
Yes, that is one thing I forgot. It is a cPanel and Linux Based VPS.

I have tried CSF already, but cannot seem to get it installed. I'll try again though.

Aries-Belgium

2011-05-11, 09:53 AM
Do you have a managed or unmanaged VPS? If it's managed, open a ticket with your host and let them looking into it. You're paying for it Toungue

cohen

2011-05-11, 11:38 AM
Its a Semi-Managed VPS.

I'll submit a ticket and see if they can do it.

Lo.

2011-05-11, 01:20 PM
My dad disabled remote logins from root and only allow the user at the time it was 5454{name{3434

Conor C.

2011-05-11, 09:02 PM
I have installed CSF before, so if you need it installed, I will do so just let me know.

I get around 1 every 2 days of fail logins and I just delete it, CSF blocks them and thats it over with really..

cohen

2011-05-11, 09:27 PM
(2011-05-11, 01:20 PM)Aristotle Wrote: [ -> ]My dad disabled remote logins from root and only allow the user at the time it was 5454{name{3434

I couldn't find where to do that.

(2011-05-11, 09:02 PM)Conor Calby Wrote: [ -> ]I have installed CSF before, so if you need it installed, I will do so just let me know.

I get around 1 every 2 days of fail logins and I just delete it, CSF blocks them and thats it over with really..

Fantastic. I will try today and if i cannot get it to work, i will PM you Smile

KuJoe

2011-05-12, 09:18 AM
I'm a bit confused as to why you are having difficulty installing CSF. Here's the command I use which includes the iptables checking and backs up the default configurations in case you need to revert back:

wget http://www.configserver.com/free/csf.tgz && tar -xzf csf.tgz && cd csf && sh install.sh && perl /etc/csf/csftest.pl && cp -Rp /etc/csf /etc/csf.bak

That being said... I use DenyHosts, works perfectly and in the first day my server went online we had over 6000 brute force attempts, this is because the server's SSH port has to be default.

For better SSH security do this: http://jmd.cc/servers/apache-cpanel-security-part-1/

cohen

2011-05-12, 09:45 AM
(2011-05-12, 09:18 AM)KuJoe Wrote: [ -> ]I'm a bit confused as to why you are having difficulty installing CSF. Here's the command I use which includes the iptables checking and backs up the default configurations in case you need to revert back:

wget http://www.configserver.com/free/csf.tgz && tar -xzf csf.tgz && cd csf && sh install.sh && perl /etc/csf/csftest.pl && cp -Rp /etc/csf /etc/csf.bak

That being said... I use DenyHosts, works perfectly and in the first day my server went online we had over 6000 brute force attempts, this is because the server's SSH port has to be default.

For better SSH security do this: http://jmd.cc/servers/apache-cpanel-security-part-1/

I'll take a look at the security blog post. Thanks!
MyBB Community Forums > Community > General Discussion > Web Development and Administration > What can I do?