Apache Friends Support Forum

Although it is a very essential thing,i haven't found any normal info on these forums,and considering i'm not that experienced with configuration stuff,it's hard for me to find something decent on the web.

How can you prevent Brute Force attacks? (i knowthe method is restrict a certain range of connections for a specific interval of time, but how? with what code? what configurations? what methods? )

Currently i'm stuck on this, and hoping to get serious help, as i don't want to put my users at risk...

Brute Force meaning Intrusion (they want to hack your site or gain access to user data) or Denial of Service (no-one can use the site as it is rendered unavaialable by a flood of requests). They are completely different things, with completely different solutions.

Brute force technically is usully something authentication oriented like a dictionary attack or a credentials list (stolen usernames and passwords).

JonB wrote:Brute Force meaning Intrusion (they want to hack your site or gain access to user data) or Denial of Service (no-one can use the site as it is rendered unavaialable by a flood of requests). They are completely different things, with completely different solutions.

Brute force technically is usully something authentication oriented like a dictionary attack or a credentials list (stolen usernames and passwords).

Not to be ungrateful, but that was completely useless...
I did NOT ask what is brute force,i asked a method/way/technique/etc. to configure or to setup something to secure the site from it...

I guess you don't need my help.

Good Luck

BUCHANKO wrote:[Not to be ungrateful, but that was completely useless...
I did NOT ask what is brute force,i asked a method/way/technique/etc. to configure or to setup something to secure the site from it...

The main problem is, that you have no idea how TPCIP and brutforce attacks are working. I is completely useless and pretty stupid to ask in a SERVER forum about protection. Either you meant "brutforce" exactly that way, what "JonB" pointed out very well (what you denied) or it is BY FAR to late, as your "brute force" attacks have to be defeated a couple of levels higher, either in your router hardware and/or in a firewall

If you feel that this answer is not very polite: it is what you asked for, because you behave exactly that way.

Errr... wtf?

All i asked if anyone knows how to protect from "brute force" by that i mean countless requests to the server with different data as in brute forcing an account's password...
I am pretty well aware of what brute force is thank you...

But instead of a reasonable,answer i get explanations what brute force is...not to be rude,perhaps i misunderstood something, but for now it seems that way to me...

''Thank you'' for being useless guys...

Case closed.