Use DenyHosts to limit SSH brute-force account cracking and limit IP service periods

888u

Last updated: 2024-06-18, edited by 888u

As more webmasters use VPS hosts to store their website projects, everyone needs to pay particular attention to VPS security. Whether we use a one-click package or a panel to build our website, VPS security involves more than that setup. In many cases the threat comes from attacks on the website, port scanning and password cracking, or various other security risks. In previous articles, Snail has also introduced the VPS hosting security issues that need attention and their solutions.

Linux VPS security setting three: Use DDOS deflate to resist a small number of DDOS attacks

Linux VPS security settings one: modify the SSH port (CentOS/Debian)

Xshell sets key login to ensure Linux VPS and server are more secure

Recently, Snail has been filling in the basic VPS tutorial content that was missed before, first to build a solid foundation for my own learning and second to improve the earlier content, so I will complete it gradually as time allows. Today I want to share DenyHosts, a tool that prevents brute-force cracking of SSH on Linux systems. Once set up, it limits the number of attempts an IP can make to log in and crack accounts, on a principle similar to the DEFLATE tool above.

How it works: DenyHosts monitors abnormal connection requests from each IP and restricts the IP once they reach a certain number. All blocked IPs are stored in a file, which we can analyze and use to apply permanent restrictions by other means.

DenyHosts installation and usage:

First, download the latest source code package from the official website

wget http://sourceforge.net/projects/denyhosts/files/denyhosts/2.6/DenyHosts-2.6.tar.gz
tar zxvf DenyHosts-2.6.tar.gz
cd DenyHosts-2.6

Currently, the latest installation package on the DenyHosts official website is version 2.6. We download, unzip, and enter the DenyHosts directory.

Second, deploy security tools

yum install python -y
python setup.py install

Third, configuration file

cd /usr/share/denyhosts/
cp denyhosts.cfg-dist denyhosts.cfg
cp daemon-control-dist daemon-control

Fourth, edit the configuration file denyhosts.cfg

This file is in the /usr/share/denyhosts/ directory. We can download it locally with the WinSCP tool and go through the configuration file at our own pace. Specifically, we only need to find the following parameters with Ctrl+F. To set one, remove the # in front of it and modify the value.

PURGE_DENY: How long it takes for an IP to be automatically released after it is blocked. The file offers 1w (1 week) and 5d (5 days) as examples; we can set our own value.
PURGE_THRESHOLD: How many times an IP is restricted before it is permanently blocked.
BLOCK_SERVICE: The name of the service we need to block.
DENY_THRESHOLD_INVALID: How many times an invalid user can try before being blocked.
DENY_THRESHOLD_VALID: How many times a valid user can try before being blocked.
DENY_THRESHOLD_ROOT: How many times the root user can try before being blocked.
HOSTNAME_LOOKUP: Whether to try to resolve the domain name of the IP address.

Generally we only need to set the above 7 options.
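
The counting rule behind the three DENY_THRESHOLD_* options can be modelled in a few lines of Python. This is an added example, not DenyHosts' own code: the threshold values, sample log lines and function names are constructed for illustration, and it assumes a host is blocked once its failures exceed the threshold.

```python
import re
from collections import Counter

# Sample values chosen for this example; set your own in denyhosts.cfg.
THRESHOLDS = {"invalid": 5, "valid": 10, "root": 1}
BLOCK_SERVICE = "sshd"

# Anchored at end of line with a greedy user field, so a login name that
# contains " from <ip> port N ssh2" cannot spoof the source address.
FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?P<invalid>invalid user )?"
    r"(?P<user>.*) from (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) port \d+ ssh2$"
)

def classify(match):
    """Map a failed login to the threshold category it counts against."""
    if match.group("invalid"):
        return "invalid"
    return "root" if match.group("user") == "root" else "valid"

def hosts_to_deny(log_lines, thresholds=THRESHOLDS):
    """Return sorted IPs whose failures in any category exceed its threshold."""
    counts = Counter()
    for line in log_lines:
        m = FAILED.search(line.rstrip())
        if m:
            counts[(m.group("ip"), classify(m))] += 1
    return sorted({ip for (ip, cat), n in counts.items() if n > thresholds[cat]})

def deny_entries(ips, service=BLOCK_SERVICE):
    """Format entries in the "service: address" style used in /etc/hosts.deny."""
    return [f"{service}: {ip}" for ip in ips]

def sample_log():
    """Constructed sshd log lines (documentation IP ranges)."""
    line = "Jun 18 10:00:{:02d} vps sshd[{}]: Failed password for {} from {} port 40000 ssh2"
    lines = [line.format(i, 1000 + i, "invalid user admin", "203.0.113.5") for i in range(6)]
    lines += [line.format(i, 2000 + i, "root", "198.51.100.7") for i in range(2)]
    lines += [line.format(i, 3000 + i, "deploy", "192.0.2.9") for i in range(3)]
    lines.append("Jun 18 10:01:00 vps sshd[4000]: Accepted password for deploy from 192.0.2.9 port 40001 ssh2")
    return lines

if __name__ == "__main__":
    for entry in deny_entries(hosts_to_deny(sample_log())):
        print(entry)
```

With the sample log, the invalid-user and root guessers cross their thresholds while the valid user with three mistyped passwords does not, which is why DENY_THRESHOLD_VALID is usually set higher than the other two.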

Fifth, start the Denyhosts service

./daemon-control start

It is best for us to set up automatic startup instead of manually starting it every time.

cd /etc/init.d
ln -s /usr/share/denyhosts/daemon-control denyhosts
chkconfig --add denyhosts
chkconfig --level 2345 denyhosts on

In this way, we have completed the setup and automatic startup. If we want to see which addresses have been blocked after trying to log in to our accounts, we can find the specific records in the /etc/hosts.deny file.


All copyrights belong to 888u unless otherwise stated