Protect a server against brute force attacks
In many of my posts on online security, I have emphasized on the need for more complex passwords, which, while difficult to remember, are harder to crack. And while most people set complex passwords for the login pages of the scripts they are using, they keep forgetting that they should start from the top – with the main account password for their shared web hosting account and the root password for their Dedicated Server or VPS container. When you are using a shared web hosting account, you rarely have to worry about server-level protection – this is being handled by your web hosting company. However, if you are running a server for which you have full root access, it’s time to take a deeper interest in online security. And the first step is to devise a very strong root password. A root password is the main password for the server. Since most servers use the default “root” username, a hacker will only have to guess the password. A common attack aimed at cracking the password is the brute force attack – a script will try to guess the password using a combination of predefined symbols (letters and numbers), combining them in all possible ways. This attack is so popular, yet simple and effective, that there is even a Firefox plug-in allowing you to run brute force attacks. This is why, our support team has prepared a special article, which will help you to learn how to protect a server against brute force attacks. There you can find several tips on what to do, depending on the Control Panel tool you are using. There is also a solution for Control Panel-free server packages like the Base VPS server plan. Check out the article as soon as possible to find out how to secure your server. Originally published Friday, June 4th, 2010 at 9:20 am, updated June 4, 2010 and is filed under Dedicated Hosting Services.