reklama

Many IPs browsing login page/maybe bruteforce attack, what to do?

- -

Hello,
on the server with Apache are hosted several websites. One websites login form is the target of some kind of distributed attack/bruteforce password cracking.

I see like 5000 IPs accessing that login page politely, not aggressively. I am sure these are not humans.
A few visits per IP and slowly growing.

I can firewall deny manually some subnets like 123.45.*.* etc. and i can also ban many hundred IPs directly in firewall, but i am afraid of high memory usage of the kernel because too many iptables rules. Is there any better way to prevent server overloading. Like mod security way, i am running CSF firewall too.

Thank you

reklama



boo

Re:Many IPs browsing login page/maybe bruteforce attack, what to do?
« Odpověď #2 kdy: 29. 06. 2016, 17:40:40 »
Change login url :)

 

reklama