Automatic Fail2ban report - Trying login SSH

Sep  6 08:19:22 sshgateway sshd\[32427\]: Invalid user jira from 101.78.149.142
Sep  6 08:19:22 sshgateway sshd\[32427\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.78.149.142
Sep  6 08:19:24 sshgateway sshd\[32427\]: Failed password for invalid user jira from 101.78.149.142 port 51386 ssh2
Sep  6 08:34:38 sshgateway sshd\[7738\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.78.149.142  user=root
Sep  6 08:34:40 sshgateway sshd\[7738\]: Failed password for root from 101.78.149.142 port 49266 ssh2
Sep  6 08:36:19 sshgateway sshd\[8698\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.78.149.142  user=root
Sep  6 08:36:21 sshgateway sshd\[8698\]: Failed password for root from 101.78.149.142 port 59244 ssh2
Sep  6 08:41:23 sshgateway sshd\[11681\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.78.149.142  user=root
S

Automatic report - Port Scan Attack

 TCP (SYN) 104.206.128.2:51117 -> port 3306, len 44

Sep  6 17:50:12 mail sshd[20071]: refused connect from 49.88.112.116 (49.88.112.116)
Sep  6 17:51:27 mail sshd[20117]: refused connect from 49.88.112.116 (49.88.112.116)
Sep  6 17:52:40 mail sshd[20200]: refused connect from 49.88.112.116 (49.88.112.116)
Sep  6 17:53:53 mail sshd[20231]: refused connect from 49.88.112.116 (49.88.112.116)
Sep  6 17:55:09 mail sshd[20280]: refused connect from 49.88.112.116 (49.88.112.116)
...

Sep  6 17:44:48 ns381471 sshd[32248]: Failed password for root from 112.85.42.89 port 18658 ssh2

Aug 31 14:59:14 our-server-hostname postfix/smtpd[30984]: connect from unknown[123.14.93.226]
Aug 31 14:59:16 our-server-hostname postfix/smtpd[30984]: NOQUEUE: reject: RCPT from unknown[123.14.93.226]: 504 5.5.2 : Helo command rejected: need fully-qualified hostname; from=x@x helo=
Aug 31 14:59:16 our-server-hostname postfix/smtpd[30984]: disconnect from unknown[123.14.93.226]
Aug 31 14:59:16 our-server-hostname postfix/smtpd[31359]: connect from unknown[123.14.93.226]
Aug 31 14:59:18 our-server-hostname postfix/smtpd[31359]: NOQUEUE: reject: RCPT from unknown[123.14.93.226]: 504 5.5.2 : Helo command rejected: need fully-qualified hostname; from=x@x helo=
Aug 31 14:59:18 our-server-hostname postfix/smtpd[31359]: disconnect from unknown[123.14.93.226]
Aug 31 15:00:21 our-server-hostname postfix/smtpd[755]: connect from unknown[123.14.93.226]
Aug 31 15:00:22 our-server-hostname postfix/smtpd[755]: NOQUEUE: reject: RCPT from unknown[123.14.........
-------------------------------

 TCP (SYN) 103.63.215.38:43616 -> port 1433, len 40

(smtpauth) Failed SMTP AUTH login from 89.47.62.88 (GB/United Kingdom/-): 5 in the last 3600 secs

2020-09-06 02:40:05.268076-0500  localhost smtpd[16817]: NOQUEUE: reject: RCPT from unknown[184.22.201.129]: 554 5.7.1 Service unavailable; Client host [184.22.201.129] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/184.22.201.129 / https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=<184-22-201-0.24.myaisfibre.com>

Tried to hack vpn...

Sep  6 14:08:52 marvibiene sshd[12717]: Failed password for root from 62.234.20.135 port 36308 ssh2

php WP PHPmyadamin ABUSE blocked for 12h

141.85.216.231 - - [06/Sep/2020:16:30:52 +0200] "POST /wp-login.php HTTP/1.0" 200 4793 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...

SMB Server BruteForce Attack