# brute force attack



## Hostechsupport (Nov 2, 2011)

What is a brute force attack? How can we prevent it on the server?


----------



## axe0 (Jun 15, 2016)

A brute force attack is a trial-error attack where a malicious user enters as many generated passwords as possible to get in.

Limit the login attempts, if the login attempts are exceeded prevent login for this particular account and notify the real user about it with the security measurement options and/or disable login from that particular pc for x amount of time.


----------



## pennyhmd (Aug 21, 2018)

If you can track the IP addresses and then block them in your htaccess filw


----------



## CarlDox (Jul 24, 2018)

Use a list of common words, which is known as a dictionary attack. A dictionary attack will generally try all English words, with the option of adding numbers or doubling up the word as the potential password. This has far fewer combinations, but still has a high chance of finding the correct password.


----------

