I was just browsing around my root of my server when I found the /var/logs folder.
The security file that was in it has a ton (yes a ton) of failed SSH logins from this one site, The IP and domain name does not change. Its a russian website that is doing it and I am not sure if its intentional or if they have become victims.
How could I simply block this domain from making any sort of connections to my server (or at least to SSH).
How would I go about contacting their host or similar to get this resolved as well? Would a message to the support team get this directed to the right people to have these failed logins cease?
Last but not least, does APF have a user manual