Secure server with DA=> Fail2Ban and Iptable can be a good solution ?

A

Albert

Verified User
Joined
Oct 25, 2019
Messages
57
Hello,

I am newbie with DirectAdmin and I'm using Debian 10, some experienced users can recommend something to secure the server ? or that's not necessary because DA is already secure...

With DA can install and use fail2Ban and Iptable ?

What can be the best way to secure my server in accordance with DA ?

Exemple, I saw in -> Admin Tools -> Brute Force Monitor: IP List
This IP 94.131.241.63 have 51 Login Failures ! how to automacly reject this IP after 5 attempts ?

Thanks to share your experiences and knowledges about how to secure server and using DA.
 
Albert said:
Hello,

I am newbie with DirectAdmin and I'm using Debian 10, some experienced users can recommend something to secure the server ? or that's not necessary because DA is already secure...

With DA can install and use fail2Ban and Iptable ?

What can be the best way to secure my server in accordance with DA ?

Exemple, I saw in -> Admin Tools -> Brute Force Monitor: IP List
This IP 94.131.241.63 have 51 Login Failures ! how to automacly reject this IP after 5 attempts ?

Thanks to share your experiences and knowledges about how to secure server and using DA.
Click to expand...

Kindly read this KB article - https://help.directadmin.com/item.php?id=247
This is the basic guide to provide Basic system security or may be hire a DA Professional who can help you with this :)
 
Why not use IPTABLES with CSF ?

SYSLOG_CHECK=300 (check every 5 minutes)
LF_IPSET=1
LF_TRIGGER=1
LF_SSHD=1
LF_FTPD=1
LF_SMTPAUTH=1
LF_EXIMSYNTAX=1
LF_POP3D=1
LF_IMAPD=1
LF_HTACCESS=1
LF_MODSEC=1
LF_DIRECTADMIN=1
 
Last edited:
Installing csf/lfd with Directadmin is best imho.
You can use ./install_directadmin.sh instead of ./install.sh and the directadmin ports and plugin will be installed by default.

However, you only have a very good firewall then. There are more things then only a firewall to secure directadmin servers.
 
Richard G said:
Installing csf/lfd with Directadmin is best imho.
You can use ./install_directadmin.sh instead of ./install.sh and the directadmin ports and plugin will be installed by default.

However, you only have a very good firewall then. There are more things then only a firewall to secure directadmin servers.
Click to expand...

The OP was asking for a way to block and reject an IP. CSF and Iptables would take care of what he requested here, which is what would be great for him/her to use.
Locking down and securing other features would definitely be the next steps.
 
Thanks for the answers

Yes I agree, hire somebody to setup a great security for a server with DA is the best solution. Security is a real job that requires specific skills done by experienced people.

But in some case, the cost can be higher than one 100% managed VPS :cool:
 
You must log in or register to reply here.
Back
Top