06-29-2018, 06:13 PM
Quote:If I change port 22 to a different number will that stop these attempts?
Yes, if you change the SSH port to a different port number it will stop 100% of all automated bot bruteforce attacks. I would suggest a port number over port 1024 and something rather in the higher ranges.
This will not stop a human hacker from trying it. They might run a port scan on all ports to find out your SSH server port. A way to make it a little harder is to use port knocking. You knock a certain port and once this happens your firewall unlocks the SSH port just for your IP address for a certain period of time in that you have to connect. After that time passes the SSH port will be closed again.
A guide with information if you are interested in this:
- https://www.digitalocean.com/community/t...-on-ubuntu
- https://n0where.net/ssh-port-knocking
- https://www.howtoforge.com/tutorial/how-...on-ubuntu/
Using the above really depends if you are willing to go through extra work before being able to connect to your server.
I personally recommend just changing the SSH port and using asymmetric SSH key authentication with the private and public key principle. Just fully disable password authentication after successfully setting up SSH key authentication. This way any attacker attemping to use a password will be instantly kicked from the server. And any attacker using the wrong private key will also be instantly kicked from the server. Leaving no way to bruteforce access to the server. Together with Fail2Ban this is pretty strong.
Quote:And what will the consequences be for my WordPress applications if I change the port number?
Absolutely nothing will change for your Wordpress applications, your web server, mail server or other server setup. The only thing you would have to do is adjust the SSH port in fail2ban if you use this application. And at your SSH and SCP/SFTP clients you will of course also have to adjust the SSH port to connect to your server.
Welcome to the world of servers - where automated bruteforce attacks on a lot of protocols are as common as birds flying in the sky.