What is a brute force attack and how do you prevent it?
What is a Brute Force Attack?
A brute force attack is a very common method: it is nothing more than a simple script used to crack a password. The script tries every possible character combination as the password until it finds the right one; to recover a password made up only of lowercase letters, the characters a-z are enough for each position. Once the password is cracked, the attackers can do any possible damage to the data stored on your server.
How is a brute force attack done?
Most of the time a brute force attack succeeds via the default FTP access on the server, meaning that a user can log in to your FTP account with the default cPanel login details, which is not recommended.
For example, if you create an account for mcwilson.com on the server, it creates a username of 8 characters by default, which is mcwilson. This is the default cPanel format used for all accounts, which makes the username easy to guess. The brute force attack is then made on the password alone, which makes it easy for attackers to get into the account.
This is why most web hosting providers do not recommend using the default FTP access, which is the same as the cPanel login details.
Sometimes they also change your .htaccess file and make horrible changes that cause real damage to your business. You cannot stop such attacks by limiting the number of attempts made by an IP address or by banning the IP address.
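The following is an added example, not part of the original article or any cPanel tooling, that shows what the two points above look like in server logs: guessing concentrated on the predictable default username, spread across several source addresses so that per-IP counting stays below any banning threshold. It parses a constructed, generic failed-login log format (timestamp, source IP, username, result); real FTP servers each use their own log layout, so the regular expression would need adjusting for them. The sample log lines, the IP addresses, the 5-minute window and the thresholds are all assumptions chosen for the example.

```python
"""Detect password guessing against FTP accounts from failed-login log lines.

Added example, not from the original article. The log format below is a
constructed, generic one; adapt LINE_RE for a real FTP server's log layout.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log: the default-style cPanel username "mcwilson" is
# guessed at from several IP addresses, plus ordinary noise from a
# non-default FTP account that simply mistyped its password once.
SAMPLE_LOG = """\
2024-05-01 10:00:01 203.0.113.5 mcwilson FAIL
2024-05-01 10:00:03 203.0.113.5 mcwilson FAIL
2024-05-01 10:00:04 198.51.100.7 mcwilson FAIL
2024-05-01 10:00:06 198.51.100.9 mcwilson FAIL
2024-05-01 10:00:09 203.0.113.5 mcwilson FAIL
2024-05-01 10:00:11 192.0.2.44 mcwilson FAIL
2024-05-01 10:00:15 192.0.2.44 mcwilson FAIL
2024-05-01 10:02:00 192.0.2.10 uploads@mcwilson.com FAIL
2024-05-01 10:02:30 192.0.2.10 uploads@mcwilson.com OK
2024-05-01 10:30:00 203.0.113.5 mcwilson FAIL
"""

# Constructed format: "<date> <time> <source ip> <username> <FAIL|OK>"
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) "
    r"(?P<ip>\S+) (?P<user>\S+) (?P<result>FAIL|OK)$"
)


def parse_log(text):
    """Return a list of (timestamp, source_ip, username) for failed logins only."""
    failures = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m or m.group("result") != "FAIL":
            continue  # skip unparseable lines and successful logins
        ts = datetime.strptime(m.group("ts"), "%Y-%m-%d %H:%M:%S")
        failures.append((ts, m.group("ip"), m.group("user")))
    return failures


def find_targeted_accounts(failures, window=timedelta(minutes=5),
                           max_failures=5, min_sources=2):
    """Flag usernames with more than `max_failures` failed logins inside any
    `window`, arriving from at least `min_sources` distinct IP addresses.

    Counting per username rather than per source IP is what exposes a
    guessing run that is spread over many addresses.
    Returns {username: (peak failure count, sorted list of source IPs)}.
    """
    by_user = defaultdict(list)
    for ts, ip, user in sorted(failures):
        by_user[user].append((ts, ip))
    flagged = {}
    for user, events in by_user.items():
        start, best = 0, None
        for end in range(len(events)):
            # slide the window start forward until events[start..end] fits
            while events[end][0] - events[start][0] > window:
                start += 1
            span = events[start:end + 1]
            sources = {ip for _, ip in span}
            if len(span) > max_failures and len(sources) >= min_sources:
                if best is None or len(span) > best[0]:
                    best = (len(span), sorted(sources))
        if best is not None:
            flagged[user] = best
    return flagged


def peak_failures_per_source(failures, window=timedelta(minutes=5)):
    """Peak number of failures from each source IP inside any `window`.

    Shown for contrast: when guessing is spread across addresses, every
    per-IP count stays small, so an IP-based limit never triggers.
    """
    by_ip = defaultdict(list)
    for ts, ip, _ in sorted(failures):
        by_ip[ip].append(ts)
    peak = {}
    for ip, times in by_ip.items():
        start, best = 0, 0
        for end in range(len(times)):
            while times[end] - times[start] > window:
                start += 1
            best = max(best, end - start + 1)
        peak[ip] = best
    return peak


if __name__ == "__main__":
    fails = parse_log(SAMPLE_LOG)
    print("targeted accounts:", find_targeted_accounts(fails))
    print("peak failures per IP:", peak_failures_per_source(fails))
```

On the sample data the per-username view flags mcwilson with seven failures from four addresses inside five minutes, while no single address exceeds three failures in that window, which is the page's point about IP banning made concrete: the predictable default username, not any one source address, is what gives the attempt away.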
How to prevent brute force attacks?
The best way to stop such brute force attacks is to disable the default FTP access to the server; for clients who require FTP access, you can create new FTP accounts for them from your cPanel. They can also create new FTP accounts for their own domains from their cPanel >> FTP Accounts >> Add FTP Account.
When default FTP access is disabled, the mcwilson username is disabled and you cannot add mcwilson as an FTP account on the same cPanel account. Now, when you create a new FTP account, its name will be something like firstname.lastname@example.org OR email@example.com, which makes it difficult for attackers to get into any account.
How to disable the default FTP access?
In order to disable it you need to make a few changes in the following file.
You can do this by opening a ticket on our support desk and our support department will do the rest.
Can’t they brute force their way into the control panel, set up an FTP account and hack the site anyway?
Brute force is not a manual process but a script that performs the attack. Creating an account from cPanel is not something that can be done using a script; that would require shell access.