Greetings,
I updated DirectAdmin and all relevant server software on November 30. It had been a while since I updated, I may have skipped from 1.44.? to 1.46.3.
Only today did I figure out that the Brute Force Monitor is not doing anything anymore - in fact, I am not getting any messages in the "Message System" whatsoever. The last entry there is precisely in the time window where I was doing the updates. I normally get multiple failed logins each hour, so the abrupt end is very obviously caused by the updates.
None of the brute_* files in /usr/local/directadmin/data/admin have been changed since then, and IP addresses from November 23-30 are still blocked, even though they are to be unblocked after a week. Well, no more explanation needed, it's obviously just not running
But I can't figure out how to make it run again. Also, my backups are not executing either - I thought this was due to my move to another FTP server, but it is probably related to this. I figure I should have received notes about the backups failing if it was due to the FTP server anyway, but I'm not getting either success or failure messages.
What steps should I take?
Also, does this mean with certainty that my server has been completely open to brute-force attacks in the past 18 days?...
I updated DirectAdmin and all relevant server software on November 30. It had been a while since I updated, I may have skipped from 1.44.? to 1.46.3.
Only today did I figure out that the Brute Force Monitor is not doing anything anymore - in fact, I am not getting any messages in the "Message System" whatsoever. The last entry there is precisely in the time window where I was doing the updates. I normally get multiple failed logins each hour, so the abrupt end is very obviously caused by the updates.
None of the brute_* files in /usr/local/directadmin/data/admin have been changed since then, and IP addresses from November 23-30 are still blocked, even though they are to be unblocked after a week. Well, no more explanation needed, it's obviously just not running
But I can't figure out how to make it run again. Also, my backups are not executing either - I thought this was due to my move to another FTP server, but it is probably related to this. I figure I should have received notes about the backups failing if it was due to the FTP server anyway, but I'm not getting either success or failure messages.
What steps should I take?
Also, does this mean with certainty that my server has been completely open to brute-force attacks in the past 18 days?...
Last edited: