Hosting firewall configuration

[fundyhosting]

Does anybody know of any kind of centralized firewall software that can be installed on a regular hosting account.
I manage several Joomla accounts with RSFirewall component installed and I’m constantly getting notifications that people are trying to guess user names and passwords to the admin section of the site.
I would like to be able to log into one location and add the offending IP address and have it propagate out to all my hosting accounts.
I am currently updating my .HTACCESS file on all my hosting accounts and this is very time consuming.
If anybody has any suggestions paid or free it would be much appreciated.
Thanks

 

[webhostingcs]

Hello,

Usually this is block by the hosting account that you have... If you have your own hosting you can try to use appliance based firewalls, or used software based like in linux iptables or in bsd pfsense.

Thanks!

 

[2WDH.com]

If you have no access to the server firewall, then you could write a small script (PHP for example) to automatically add the blocked IPs to .htaccess file and propagate it to the other accounts you have.

 

[handsonhosting]

Depending how your web hosting is setup, this might be possible inside your hosting account.

On our hosting accounts we use ConfigServer Security & Firewall (CSF). We have the tollerences set pretty low - 5 wrong guesses, and you're blocked in the firewall for a specified amount of time. Do it again, you're blocked in the firewall on a permanent level leaving only our system admins to remove the block (if needed).

If you use cPanel, and your host allows it, you can block specific IPs from inside your cPanel. If not, you can always modify using .htaccess files and the "DENY" IP lines. This will not stop proxy attempts when they pick up a new IP.

Next in line would be using a PHP script to monitor login attempts and floods - then block the IP based on that. I'd put in a flood detection and if there's more than 2 login attempts within 10 seconds, block connections for 60 seconds or something. That's usually enough to make a script move on to another account.

I've not really worked much with Joomla, but most CMS systems have a separate admin login area. I'd password protect the entire admin folder - that'll stop anyone from getting to the admin area to guess the password in the first place. Go one step further, use .htaccess to only allow from your IP number - that'll really block anyone (but can cripple you should you need to access the admin area from another location and not have access to modify the .htaccess file).