cPanel WHM and Linux Hacking!

[mfwl]

This kind of brute force attempt is pretty normal to expect. The best method is to change the ssh port entirely and install CSF. If you install csf however, be sure to go through each and every setting. Leaving it as-is will probably lead to locking yourself out of the server. If you really want to go secure, allow ssh access only from certain ips or using ssh keys only.

When it comes to other services such as email, hackers will use random emails and passwords also. Again, this is expected from a site that becomes popular on the internet. CSF does a good job of monitoring the logs under /var/log for any invalid attempts and blocking as necessary.

After these attacks I chose SSH Keys. I couldn't believe how easy it was to set them up and get cpanel to verify the user.

Spot on!

 

[HivelocityLB]

I Highly recommend installing APF and BFD.
This should help in preventing such attacks in the future.