How do I stop these?
I have a VPS running Centos with DirectAdmin. I have fail2ban and CSF as well.
There are hundreds of ssh login attempts made to my VPS, such as this:
lfd on la1.*******.com: blocked 126.96.36.199 (CN/China/-) Time: Wed May 20 12:06:43 2020 +0200 IP: 188.8.131.52 (CN/China/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: May 20 11:35:03 base sshd: Invalid user fz from 184.108.40.206 port 34650 May 20 11:35:05 base sshd: Failed password for invalid user fz from 220.127.116.11 port 34650 ssh2 May 20 11:56:01 base sshd: Invalid user tpe from 18.104.22.168 port 43911 May 20 11:56:03 base sshd: Failed password for invalid user tpe from 22.214.171.124 port 43911 ssh2 May 20 12:06:40 base sshd: Invalid user xsl from 126.96.36.199 port 48542
Attempts are mostly, from CHINA. I have changed the ssh port to something else, but still, they keep trying on random ports. I don't want to ignore these msg's since it's important to know and find out these.
Thanks in advance.