Need Assistance?

In only two hours, with an average response time of 15 minutes, our expert will have your problem sorted out.

Server Trouble?

For a single, all-inclusive fee, we guarantee the continuous reliability, safety, and blazing speed of your servers.

How to Secure Your Server with DenyHosts on Ubuntu 24

In today’s digital landscape, brute-force attacks are among the most common and effective methods hackers use to gain unauthorized access to servers. These attacks involve repeatedly attempting to guess the correct username and password for SSH (Secure Shell) access. To secure your server with DenyHosts on Ubuntu 24, this tool is essential as it blocks IP addresses responsible for repeated failed login attempts, helping to mitigate these attacks effectively.

In this blog post, we’ll walk you through the process of setting up and configuring DenyHosts on Ubuntu 24 to protect your SSH server from brute-force attacks.

Why Use DenyHosts?

Brute-force Protection: DenyHosts blocks IP addresses that have multiple failed login attempts, reducing the chance of a successful brute-force attack.

Customizable: You can configure the number of failed login attempts, the duration of the block, and other settings.

Lightweight: DenyHosts uses minimal system resources and integrates well with your existing SSH configuration.

Automatic Blocking: When an IP is blocked, the system adds it to the hosts.deny file, preventing future SSH login attempts from that IP.

Download the Latest Version of DenyHosts

wget https://github.com/denyhosts/denyhosts/archive/refs/heads/master.zip

Unzip the downloaded file:

sudo apt install unzip 
unzip master.zip

Navigate to the extracted folder:

cd denyhosts-master

Install Dependencies

Before installing DenyHosts, make sure your system has the necessary dependencies.

Install Python and dependencies:

sudo apt update
sudo apt install python3 python3-pip python3-setuptools

Install DenyHosts

sudo python3 setup.py install

This will install DenyHosts system-wide.

Configuring DenyHosts

Once DenyHosts is installed, you need to configure it to protect your SSH server.

Open the DenyHosts configuration file:

sudo nano /etc/denyhosts.conf

Modify the configuration settings as per your requirements.

BLOCK_SERVICE: The service for which failed login attempts will be monitored. By default, DenyHosts watches SSH.

BLOCK_SERVICE = sshd

HOSTS_DENY: Defines the location of the hosts.deny file where the blocked IPs will be listed.

HOSTS_DENY = /etc/hosts.deny

ADMIN_EMAIL: The email address where you want to receive alerts when IP addresses are blocked.

ADMIN_EMAIL = your_email

DENY_THRESHOLD_INVALID: The number of invalid login attempts required before blocking an IP. Default is 5. You can adjust this to be more or less strict.

DENY_THRESHOLD_INVALID = 5

Checking DenyHosts Activity

Once DenyHosts is running, it will monitor your system logs for failed SSH login attempts and add offending IPs to the hosts.deny file.

To check which IPs have been blocked:

Check the contents of the hosts.deny file:

cat /etc/hosts.deny

Blocked IPs will be listed here, and any IP that exceeds the failed login attempts threshold will be denied access to your server.

Whitelist Trusted IPs 

If you have a trusted IP (such as your own or a specific set of IP addresses), you can add it to the whitelist to prevent it from being blocked by DenyHosts.

To whitelist an IP, you need to add it to the hosts.allow file:

Edit the hosts.allow file:

sudo nano /etc/hosts.allow

Add the trusted IP (for example, to allow SSH access from a specific IP):

sshd: IP_address

The trusted IP will now be allowed to access SSH even if it triggers failed login attempts.

In this blog, we’ve explored how to secure your server with DenyHosts on Ubuntu 24 to protect it from brute-force SSH attacks. By installing DenyHosts from source, configuring its settings, and creating a systemd service to manage it, you can significantly improve your server’s security.

For expert support on “How to Secure Your Server with DenyHosts on Ubuntu 24,” don’t hesitate to contact us. Our comprehensive server management services are designed to help you secure your server with denyhosts on Ubuntu 24, ensuring robust protection against security threats. Reach out today to enhance your server’s security and performance!

Liked!! Share the post.

Get Support right now!

Start server management with our 24x7 monitoring and active support team

Let us know your requirement.

Can't get what you are looking for?

Get Support Right Away!

Thank You

We have received your query and will get back to you soon.