What is ActiveProtect™?
All applications deployed with Cloud 66 are automatically protected against denial of service and brute-force attacks. ActiveProtect also notifies you if important config files (such as
/etc/hosts) are modified.
The ActiveProtect page shows a list of current and past attacks (in the last 24 hours) with information about the source and destination.
To reach the page:
- Open the Application Overview from your Dashboard
- Click on ActiveProtect in the Application panel on the right of the screen
ActiveProtect is intended to be fully automated, but there are some cases where you can modify its behaviour.
- You can exclude your own IP addresses from being rate limited using the Network Tools in your Dashboard.
- You can also manually whitelist or block IP addresses using the same methods.
SSH soft blocking
Servers deployed with Cloud 66 only allow incoming SSH traffic from known IP addresses. To protect against brute-force SSH attacks, the servers are also configured to only accept SSH keys and not passwords. However, it is possible that user configurations result in vulnerabilities, and for such cases, repeated SSH login attempts are detected and blocked for at least 10 minutes.