SSH Failed Login Attempts

Some Linux distributions, such as CentOS 7, will display a statistic upon logging in via SSH to alert you if there have been any failed login attempts:

There were 51 failed login attempts since the last successful login.

Unfortunately, this is considered normal. Bots are well known to scour the internet in the hope of brute forcing services such as SSH. Fortunately, there's a quick and easy solution to help protect this particular service - change the port!

The default port for Linux servers is 22, which is what such bots will typically target. 

The exact process for changing your SSH port may vary depending on your OS and configuration, however, as a general rule of thumb, open the /etc/ssh/sshd_config file, locate #Port 22 and remove the comment (#). Then, change 22 to a value of your choice (i.e. 2222) and restart SSH (typically service sshd restart will do the trick).
  • 3 Users Found This Useful
Was this answer helpful?

Related Articles

Running a ClamAV and Maldet scan on cPanel servers

You may be familiar with ClamAV and Maldet (aka Linux Malware Detect). They're widely known as...

What is mysqluserstore?

On cPanel servers, you may come across the process...

Installing the LiteSpeed WHM Plugin

If your server is running cPanel/WHM, simply execute the below commands via SSH (as root):wget...

Changing the timezone

If you're like us, you'll want your server's timezone to match your local time to make log...

Finding the largest files and directories

This nifty command allows you to built up a list of the largest files and...