How To Protect Your Webserver From Brute Force Attacks

January 13th, 2008

In computer security, a brute force attack is a way to gain access to a remote server’s resources by trying multiple combinations of logon names and passwords until a valid one is found. Most of the time, this type of attack is performed by a script that uses a list of the most commonly used usernames and passwords. The script tries to authenticate itself against a remote service like FTP, POP3 or SSH.

RFX Networks offers a free set of tools that protect against brute force attacks: APF and BFD.

Advanced Policy Firewall (APF)

This tool works in conjunction with iptables to allow or block specific remote IP addresses. You can get more information about Advanced Policy Firewall at http://www.rfxnetworks.com/apf.php.

Brute Force Detection (BFD)

Triggered automatically by the cron daemon (every 10 minutes by default), BFD scans your webserver’s log files to find any repeated failed access attempts from the same remote host. If such an attack is found, BFD invokes APF in order to block the attacker’s IP address.

More information on BFD is available at http://www.rfxnetworks.com/bfd.php.
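
The scan-and-count step described above, as an added example (not BFD's own code and not part of the original post). It assumes OpenSSH "Failed password" syslog lines and IPv4 sources; the function names, the threshold and the sample log are constructed for illustration.

```shell
#!/bin/sh
# Added illustration of the scan-and-count idea; not BFD's own code.
# Assumptions: OpenSSH "Failed password" syslog lines, IPv4 sources,
# and a threshold and allow list chosen by the caller.

# find_offenders THRESHOLD [ALLOWED_IP ...]
# Reads log lines on stdin and prints "IP COUNT" for every source that
# reached THRESHOLD failures and is not on the allow list.
find_offenders() {
    threshold=$1
    shift
    awk -v threshold="$threshold" -v allow=" $* " '
        / sshd\[[0-9]+\]: Failed password for / {
            # The user name is text chosen by the remote client, so take
            # the address from the fixed tail "from IP port N ssh2".
            if (NF < 5 || $(NF - 4) != "from" || $(NF - 2) != "port") next
            ip = $(NF - 3)
            if (ip !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) next
            if (index(allow, " " ip " ")) next  # allowed hosts never count
            count[ip]++
        }
        END {
            for (ip in count)
                if (count[ip] >= threshold) print ip, count[ip]
        }
    ' | sort
}

# Constructed sample log; addresses come from documentation ranges.
sample_log() {
    cat <<'EOF'
Jan 13 10:00:01 web1 sshd[2101]: Failed password for root from 203.0.113.7 port 40112 ssh2
Jan 13 10:00:03 web1 sshd[2101]: Failed password for invalid user admin from 203.0.113.7 port 40112 ssh2
Jan 13 10:00:05 web1 sshd[2103]: Failed password for invalid user test from 203.0.113.7 port 40120 ssh2
Jan 13 10:00:07 web1 sshd[2104]: Failed password for invalid user a from 198.51.100.20 port 22 ssh2 from 203.0.113.7 port 40133 ssh2
Jan 13 10:00:30 web1 sshd[2107]: Failed password for bob from 198.51.100.20 port 50022 ssh2
Jan 13 10:01:10 web1 sshd[2110]: Failed password for alice from 192.0.2.10 port 51000 ssh2
Jan 13 10:01:12 web1 sshd[2110]: Failed password for alice from 192.0.2.10 port 51000 ssh2
Jan 13 10:01:14 web1 sshd[2110]: Failed password for alice from 192.0.2.10 port 51000 ssh2
Jan 13 10:01:20 web1 sshd[2110]: Accepted password for alice from 192.0.2.10 port 51000 ssh2
EOF
}

# Demo: threshold 3, workstation 192.0.2.10 is on the allow list.
sample_log | find_offenders 3 192.0.2.10
```

The allow list plays the same role as the allowed hosts entry added in step 5 of the installation below: a host you trust is never reported, however many times it mistypes a password.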

How To Install APF & BFD

Here’s a quick and dirty guide on how to install Advanced Policy Firewall and Brute Force Detection:

1. Download APF and BFD

# wget http://www.r-fx.ca/downloads/apf-current.tar.gz
# wget http://www.r-fx.ca/downloads/bfd-current.tar.gz

2. Extract all files from both archives

# tar xvzf apf-current.tar.gz
# tar xvzf bfd-current.tar.gz

3. Launch the APF installation script

# cd apf-[current version]
# ./install.sh

4. Execute the BFD installation script

# cd ../bfd-[current version]
# ./install.sh

5. Add your workstation’s IP address to the allowed hosts list

# apf -a [ip address]

6. Make sure that a cron task has been added in /etc/cron.d in order to trigger BFD every 10 minutes.

Over time, the blocked host file may grow significantly, and this may degrade your webserver’s performance. It may also slow down your server’s boot time, as a reverse lookup is performed on each blocked IP address. To clean up your denied host list, simply edit /etc/apf/deny_hosts.rules and remove the oldest entries. When done, save the file and issue apf -r to flush and reload the firewall rules.

© Copyright 2012 - TheWebHostingHero.com