Some brute force attacks rely on a large number of attempts in a short period of time, so even a short delay between attempts can seriously slow the attack down. Note that this tactic will not work against all attacks, as many attacks are designed to be slow.

Designing security questions

While many users are frustrated by security questions, their use can be even the biggest obstacle for brute force attackers. Even in targeted attacks that involve personal information about a specific user, you can make the attack difficult by setting security questions. To provide a better user experience, you can request the security answers only after a certain number of failed login attempts or each time a login connection occurs.
If you have detected an attack in progress, it may be a good time to require all users to answer a security question when they log in.

The possibility of two-step authentication

Depending on the nature of your service, you may not want to hurt the user experience of your site and may therefore avoid enforcing a two-factor authentication rule, even though it can be very effective. It is still good to be able to activate this feature on your site for the safety of users. If you enable it, you can let the user choose among different options for the validation step, including social media, email, SMS and more. Note that there are two different types of this kind of authentication, which are often confused or simply placed next to each other.

Two-step verification (2SV): This type of validation usually involves a verification code or link, often sent via text message or email.

Two-factor authentication (2FA): This type of authentication can also include things like keyboard or biometric identification methods such as a fingerprint or retina scan.

Changing the default SSH port and, if possible, the control panel port

Because a large share of brute force attacks are carried out by bots against default ports, server administrators must change the SSH port from the default of 22 to another value for better server security, and users who run the DirectAdmin control panel on their own servers must change the default port 2222 to another value.
In this way, a large number of attacks can be prevented. Note that while the cPanel control panel has a module called cPHulk Brute Force Protection to deal with such attacks, the DirectAdmin control panel unfortunately does not include this feature; it is, however, possible to create restrictions in the firewall through a bash script to prevent such attacks.

Conclusion

As you can see, there are many options to help you prevent a successful attack. Because the nature of a brute force attack varies from case to case, there really isn't one way to prevent it. Accordingly, it is better to use a combination of several strategies to create a line of defense.
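
The firewall restriction through a bash script mentioned above for servers without cPHulk, applied here to SSH login failures as an added example that is not part of the original article. It assumes OpenSSH "Failed password" syslog lines, iptables and IPv4; the threshold, allowlist and sample log lines are constructed, and the rules are printed for review rather than applied.

```bash
#!/usr/bin/env bash
# Added example (not from the article): turn repeated SSH login failures into
# firewall block rules. Assumes OpenSSH syslog lines, iptables, IPv4 only.

THRESHOLD=3                # failures before an address is blocked (assumed value)
SSH_PORT=22                # use your own value if you moved SSH off port 22
ALLOWLIST="198.51.100.10"  # space-separated addresses never blocked (constructed)

# Constructed sample lines using documentation address ranges.
sample_log() {
  cat <<'EOF'
Mar 10 04:11:01 host sshd[2101]: Failed password for root from 203.0.113.7 port 40122 ssh2
Mar 10 04:11:03 host sshd[2101]: Failed password for root from 203.0.113.7 port 40122 ssh2
Mar 10 04:11:05 host sshd[2104]: Failed password for invalid user admin from 203.0.113.7 port 40130 ssh2
Mar 10 04:12:40 host sshd[2110]: Failed password for invalid user x from 192.0.2.1 from 203.0.113.7 port 40131 ssh2
Mar 10 04:13:02 host sshd[2113]: Failed password for alice from 198.51.100.10 port 51000 ssh2
Mar 10 04:13:04 host sshd[2113]: Failed password for alice from 198.51.100.10 port 51000 ssh2
Mar 10 04:13:06 host sshd[2113]: Failed password for alice from 198.51.100.10 port 51000 ssh2
Mar 10 04:14:10 host sshd[2120]: Failed password for bob from 192.0.2.55 port 42000 ssh2
Mar 10 04:15:00 host sshd[2121]: Accepted password for bob from 192.0.2.55 port 42001 ssh2
EOF
}

# Print each non-allowlisted address with at least THRESHOLD failures.
# The address is taken from the end of the line ("from IP port N ssh2")
# because the user name earlier in the line is supplied by the client.
offenders() {
  awk -v min="$THRESHOLD" -v allow="$ALLOWLIST" '
    BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) skip[a[i]] = 1 }
    /sshd\[[0-9]+\]: Failed password for / && $(NF-4) == "from" && $(NF-2) == "port" {
      ip = $(NF-3)
      if (ip !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ || (ip in skip)) next
      split(ip, o, "."); ok = 1
      for (i = 1; i <= 4; i++) if (o[i] > 255) ok = 0
      if (ok) hits[ip]++
    }
    END { for (ip in hits) if (hits[ip] >= min) print ip }
  ' | sort
}

# Emit (do not execute) one DROP rule per offender so it can be reviewed first.
block_rules() {
  offenders | while read -r ip; do
    echo "iptables -I INPUT -s $ip -p tcp --dport $SSH_PORT -j DROP"
  done
}

# Read the log file given as $1 if readable, else the constructed sample.
if [ -r "${1:-}" ]; then block_rules < "$1"; else sample_log | block_rules; fi
```

Keep your own management address in the allowlist before applying any printed rule, so that a few mistyped passwords cannot lock you out of the server.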