best way to block brute force attack?

Download and install CSF. CSF comes with LFD (Login Failure Deamon) that will block most of the brute force attempts. Directadmin also has a integrated Brute Force Monitor, you can modify this a to ban with CSF.

Installing CSF is very easy
Code: 
rm -fv csf.tgz
wget http://www.configserver.com/free/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh
You can easly configure CSF with Directadmin in Administrator level (user: admin)
 
install CSF on server i should disable Brute Force Attack feature integrated in DirectAdmin ?
 
fail2ban is also good. It does not integrate with DirectAdmin though.
 
CSF is installed now i have red message in ConfigServer Security

1- /var/tmp should either be symlinked to /tmp or mounted as a filesystem

2- You should consider adding ini_set to the disable_functions in the PHP configuration as this setting allows PHP scripts to override global security and performance settings for PHP scripts. Adding ini_set can break PHP scripts and commenting out any use of ini_set in such scripts is advised

How i should fix 2 alert?

sorry take your time
many thanks.
 
1 post output for command "mount"

2, not pretty much needed but if you want you need to edit your php.ini file in /usr/local/lib/php.ini

Regards
 
You must log in or register to reply here.
Back
Top