Quick Question about Blacklisting IPs

[merico]

Hi, I've just setup my first DirectAdmin installation and had a quick (newbie) question about the Security Options in the Administrator Settings.

Does the "Blacklist IPs for excessive login attempts" option help to defend against brute force attacks on the various ports (e.g. SSH, EXIM, etc.), or just apply directly to the DirectAdmin control panel logins?


Thanks

 

[zEitEr]

Hello,

Just apply directly to the DirectAdmin control panel logins. Search the forums for details, there is a new feature "Bruteforce Attack Scanner", with the help of which you can run your own scripts to block IP of an attacker.

 

[merico]

Thanks for the reply Alex.

Funny you should mention it, it is that exact feature that prompted me to ask (quite useful, it immediately alerted me to the fact that I was already getting hit with brute force attacks on some of my open ports).

I thought it'd be really convenient if this was covered under the admin blacklist option. Oh well, I guess I'll just have to setup some scripts.

Cheers

 

[zEitEr]

So you might want to post a feature request or a suggestion in a proper sub-forum.