I have a dedicated server running red hat, I have noticed in the WHM panel that there is a brute force software that only works for all the logins linked to the server cpanel/WHM.
In my future website in PHP I will have 5 different types of logins, do you know a free software my web developers could link to each logins in order to protect them against password crakers/brute force attacks? Something easy to install.
ok I got a little trick from the server provider
Some guys from the server support told me to password protect the page I wanted to secure, not the full directory but only a single file by adding a .htpasswd file with md5 encrypted code and this code on the .htaccess:
#deny from all
allow from 333.333.333.333
allow from 111.222.333.333
AuthName "Please Login"
By having this, I and my programmers(living in a different country) can access the site admin panel, now by password protecting the site this way,apparently a log will be created each time a user logs in, the brute force software then anaylise all the server logs every(whatever time it is set at), if it sees an ip trying to access this protected page many time,the brute force will then kick this ip out.
This is a great method to protect your admin site page apparently.
so now I have to login page, one password protected by the .htpasswd and then my own admin login page, if the guys can pass through both then he is a kind of god......