Bruteforce Windows
Last updated
Last updated
Windows Server update KB5020282 introduces the function of blocking the administrator account after 10 failed password attempts within 10 minutes.
Because Hetzner uses static IP addresses, brute force attacks are not uncommon and can result in blocking your administrator account. You can configure this feature or disable it completely in Local Security Policy. This option can be found in the Server Manager by clicking on «Tools» and then «Local Security Policy».
To disable this function, set «Account lockout threshold» to 0. After that, the other options should be disabled.
If your account has already been blocked, you can add your connection address to the firewall whitelist. You can find it here.
After activating and configuring the firewall, you will need to wait at least 10 minutes for the rules to apply. After logging in, please change the settings according to the above.
Furthermore, it is imperative to establish a distinct rule that will exclude all other connections. This measure ensures the proper functioning of the server connection.
Log in to the control panel by following the link. Login credentials are sent to your email address upon activation of the first virtual server. Additionally, you can perform automatic authorization by going directly from your personal account.
In the control panel, click on the name of your server. Then click the Settings button.
Click the VNC button.
You will enter a remote console where you can make the necessary configurations.
