Some A**Hole is brute forcing my VPS

Joined
Apr 18, 2008
Messages
279
Reaction score
113
When I try to login, this is the message I get :

This account is currently locked out because a brute force attempt was detected. Please wait a few minutes and try again. Attempting to login again will only increase this delay. If you frequently experience this problem, we recommend having your username changed to something less generic.


Anything I should be doing ?
 

Theodore

Power Member
Joined
Oct 13, 2009
Messages
683
Reaction score
268
i would contact your hosting company and change your username.
And please dont say your username is Admin.... lol
 

qwidjib0

Newbie
Joined
Jun 22, 2010
Messages
43
Reaction score
5
There's actually a pretty good chance if you're seeing this message that the brute forcer was you. In my experience it's generally just an FTP client that automatically reconnected 5 times with the wrong credentials. If they happen to be using CSF Firewall (which is most commonly paired with cPanel), it should give them a detail line that explains what IP did what, but usually will only block that IP.

If you have root access you can also employ your own automated methods (APF or CSF Firewall each work nice for this)- generally data center IP ranges see at least dozens of automated attacks attempted daily.
 
Joined
Apr 18, 2008
Messages
279
Reaction score
113
There's actually a pretty good chance if you're seeing this message that the brute forcer was you. In my experience it's generally just an FTP client that automatically reconnected 5 times with the wrong credentials. If they happen to be using CSF Firewall (which is most commonly paired with cPanel), it should give them a detail line that explains what IP did what, but usually will only block that IP.

If you have root access you can also employ your own automated methods (APF or CSF Firewall each work nice for this)- generally data center IP ranges see at least dozens of automated attacks attempted daily.

Good information, but I have checked my "cPHulk Brute Force Protection" section and I can see there are many failed login attempts from different IPs and using different usernames :(
 
Top