Ban IP on server level after a number of unsuccessful logins

This is a widely used function amongst the server managers. Depending on your system configuration, the server will ban the enforcer’s IP, either putting it in the firewall’s deny list or, on Linux servers with IPTables installed, will put the IP in the drop list.

To achieve this feature, the easiest way is to install a software firewall. My recommendation is CSF, Configserver Security & Firewall developed and maintained by Way To The Web Limited. It’s an extremely efficient software, and integrated into WHM is very easy to manage it, even a beginner can handle almost everything.

So, if configured correctly, CSF has a, say, extension: LFD or Login Failure Daemon.

This stuff is what we search for at the moment. You can configure which ports to listen on, so if the enforcer tries on SSH, POP3 or FTP and even HTTP authentication, it will get banned after a few tries.

You can also put IPs to its ignore list. This is very useful feature if you don’t want to get yourself banned.