As more webmasters join and use VPS host as their website project storage mode, the security of VPS host needs to be concerned. No matter whether we build our own website with one click package or panel, the security of VPS host is not only that. In many cases, it may be due to attacks on websites, scanning and cracking ports, or even various possible insecurity factors. In the previous article, Lao Zuo also introduced the security and solutions for VPS hosts.
Linux VPS security setting 3: use DDOS deflate to resist a small number of DDOS attacks
One of the Linux VPS security settings: Modify the SSH port (CentOS/Debian)
Xshell Set Key Login to Ensure More Security of Linux VPS and Server
Because recently, Lao Zuo has been continuously supplementing the incomplete VPS basic course content that he missed before. First, it is a solid foundation for his own learning, and second, it is to better improve the previous content. Therefore, I will make up for it slowly if I have time recently. What I want to share today is to use DenyHosts The tool stops the tool of brute force cracking SSH on the LINUX system. Once it is set, it can prevent the IP number of login attempts and account cracking attempts, similar to the principle of the DEFLATE tool above.
![Use DenyHosts to restrict SSH brute force account cracking](https://images.laozuo.org/wp-content/uploads/2014/06/denyhosts.jpg)
Specific working principle: We can monitor the abnormal request connection of an IP and limit it after the number of times is reached. Then all the IP blocked by filtering exist in a document. We can analyze and switch to other permanent restrictions.
Specific security and usage of DenyHosts tool:
First, download the latest source package from the official
wget http://sourceforge.net/projects/denyhosts/files/denyhosts/2.6/DenyHosts-2.6.tar.gz
tar zxvf DenyHosts-2.6.tar.gz
cd DenyHosts-2.6
At present, the latest installation package on the official website of DenyHosts is version 2.6. We download, unzip, and enter the directory of DenyHosts.
Second, deploy security tools
yum install python -y
python setup.py install
Third, configuration file
cd /usr/share/denyhosts/
cp denyhosts.cfg-dist denyhosts.cfg
cp daemon-control-dist daemon-control
Fourth, edit the configuration file denyhosts.cfg
This file is in the/usr/share/denyhosts/directory. We can download it to the local through WINSCP, and then slowly analyze and set the configuration file. Specifically, we just need to search the following command lines through CRTL+F, and then remove the previous # from the modified parameters if necessary.
PURGE_DENY: When the IP is blocked, how long will it be automatically released? You can select 1w (1 week) and 5d (5 days) in the document. We can set it ourselves
PURGE_THRESHOLD: set how many times an IP is restricted and then permanently closed
BLOCK_SERVICE: The name of the service we need to block
DENY_THRESHOLD_INVALID: how many times an invalid user tries to be blocked
DENY_THRESHOLD_VALID: how many times a valid user tries to be blocked
DENY_THRESHOLD_ROOT: How many attempts of ROOT user are blocked
HOSTNAME_LOOKUP: Whether to try to resolve the domain name address of IP
Generally, we only need to set the above seven options.
Fifth, start the Denyhosts service
./daemon-control start
We'd better set automatic startup instead of manual startup every time.
cd /etc/init.d
ln -s /usr/share/denyhosts/daemon-control denyhosts
chkconfig --add denyhosts
chkconfig -level 2345 denyhosts on
In this way, we have completed the setting and automatic startup. If we want to see which addresses are trying to log in to our account, we can see the specific record data in the/etc/hosts.deny file.
Scan the code to follow the official account
Get more news about webmaster circle!
Entrepreneurship, operation and new knowledge