Hello,
There are a lot of trying access to root/user from around the world each day to my server!
Each few minutes I receive an email from my server system that there is an authentication failure to access the root of server or a user account
===========
lfd on [myServer]: blocked [IP] (Country), with details like this format:
IP:xxx (Country)
Failures: 5 (sshd)
Interval: 3600 seconds
Blocked: Permanent Block [LF_SSHD]
===========
I'm wondering why they did this!
My server is one of the millions of servers around the world, I'm not Google or Microsoft to be a great prey for bad guys to hack! What this great benefit could achieved for those if they hack my root or an account I host?
However I think my server is well protected because I'm using this strategy:
1- Complex root password changed frequently.
2- I don't set an expected user name for the account name when I create a new one, for example: if I want to host a new domain "MyDomain.com" I set user name like: DomMyN
3- Firewall is on, SSL installed and cPanel is always updated to the latest version.
Am I really protected as I think? if not, what do you advice me to do more?
Thank you.
There are a lot of trying access to root/user from around the world each day to my server!
Each few minutes I receive an email from my server system that there is an authentication failure to access the root of server or a user account
===========
lfd on [myServer]: blocked [IP] (Country), with details like this format:
IP:xxx (Country)
Failures: 5 (sshd)
Interval: 3600 seconds
Blocked: Permanent Block [LF_SSHD]
===========
I'm wondering why they did this!
My server is one of the millions of servers around the world, I'm not Google or Microsoft to be a great prey for bad guys to hack! What this great benefit could achieved for those if they hack my root or an account I host?
However I think my server is well protected because I'm using this strategy:
1- Complex root password changed frequently.
2- I don't set an expected user name for the account name when I create a new one, for example: if I want to host a new domain "MyDomain.com" I set user name like: DomMyN
3- Firewall is on, SSL installed and cPanel is always updated to the latest version.
Am I really protected as I think? if not, what do you advice me to do more?
Thank you.