What is brute force attack and how to prevent it?

What is a brute force attack and how to prevent this attack?

Brute force attack is a very common method, it is nothing but a simple script used to crack the password. The script uses every possible character combination as a password until it finds the right one, and in order to recover one character from the password (a-z), characters are enough. Once the password is hacked, the hackers could do any possible damage to your data stored on the server.

How a brute force attack is done?

Most of the time a brute force attack is successfully held via the default FTP access on the server, which means a user can log in to your FTP account with default cPanel login details, which is not recommended.

For example, if you create an account mcwilson.com on the server, it creates a username with 8 characters by default, which is mcwilson. So, this is the default cPanel format that is used for all. This makes it easy to know the username. Then brute force is made on the passwords, which makes it easy for them to get into the account.

This is why most of the web hosting providers will not recommend you to use the default FTP access which is the same as cPanel login details.

Sometimes they do changes your htaccess file and make some horrible changes to cause real damage to your business. You cannot stop such attacks by limiting the number of attempts made by an IP address or by banning the IP address.

How to prevent brute force attacks?

In order to protect or the best way to stop such brute force attacks is to disable the default FTP access to the server and clients who requires FTP access, you can create new ftp accounts from your cPanel for them. So that they can easily create new FTP account for their domains from their cPanel >> FTP Accounts >> Add FTP Account.

When default FTP access is disabled, mcwilson username is disabled and it does not allow you to add mcwilson on the same account. Now, when you create a new account, it can be something like mac@mcwilson.com OR admin@mcwilson.com which makes it difficult for them to enter any account.

How to disable the default FTP access?

In order to disable it, you need to make a few changes in the following file.

/usr/local/cpanel/bin/ftpupdate

You can do this by opening a ticket on our support desk and our support department will do the rest.

Can’t they brute force the access into the control panel set up an FTP and hack the site anyway?

Brute force is not a manual process but a script that does the attack. Creating an account from cPanel is not something that can be done using a script. That will require shell access.