The Direct Admin control comes with the Brute Force Attack Monitor where it will block the attacker ip from accessing the control panel at port 2222.
If there’s a lot of failure login to access the control panel, the user IP will be blacklisted as well and it will be released after a certain time (depending on your configuration in the Direct Admin control panel).
If you wish to remove the ip blacklist immediately, you will need to perform the following:
Step 1 : SSH to the server
Step 2 : Edit the file
vi /usr/local/directadmin/data/admin/ip_blacklist
save it and restart the Direct Admin service
/etc/init.d/directadmin restart
If there’s a lot of failure login to access the control panel, the user IP will be blacklisted as well and it will be released after a certain time (depending on your configuration in the Direct Admin control panel).
If you wish to remove the ip blacklist immediately, you will need to perform the following:
Step 1 : SSH to the server
Step 2 : Edit the file
vi /usr/local/directadmin/data/admin/ip_blacklist
save it and restart the Direct Admin service
/etc/init.d/directadmin restart
Updated on: 28 / 09 / 2018