Brute force

**iLLuSi0nS** · 06-10-2009 04:45 AM

Hi, I have brute force turned on, but I have logs telling me that people are brute forcing me every 3 seconds, its sooo annoying.

Brute force permanently bans them after certain amount of attempts, but then, they just change their IP or another IP keeps hitting my root account. My password is 32characters long with symbols and numbers and the hardest characters ever, so im not afraid of them getting in, but I am sure its slowing down my server some how, no?

Also, I have added my IP and hostname to the bruteforce whitelist, but for some reason, i keep getting this when im in WHM

Brute Force Protection
This account is currently locked out because a brute force attempt was detected. Please wait 10 minutes and try again. Attempting to login again will only increase this delay. If you frequently experience this problem, we recommend having your username changed to something less generic.

what can I do, is there something I can do to make it all stop? What are some of your brute force settings?

thank you

**texo** · 06-10-2009 05:54 AM

Maximum Failures By Account: 10
Maximum Failures Per IP: 9

this way you can never get locked out of your root account

**PlatinumServerM** · 06-10-2009 08:05 AM

Just increase the limits higher to prevent this and try not to enter the wrong login too many times, that should solve this.

**cpanelkenneth** · 06-10-2009 11:08 AM

Originally Posted by iLLuSi0nS

Hi, I have brute force turned on, but I have logs telling me that people are brute forcing me every 3 seconds, its sooo annoying.

Brute force permanently bans them after certain amount of attempts, but then, they just change their IP or another IP keeps hitting my root account. My password is 32characters long with symbols and numbers and the hardest characters ever, so im not afraid of them getting in, but I am sure its slowing down my server some how, no?

Also, I have added my IP and hostname to the bruteforce whitelist, but for some reason, i keep getting this when im in WHM

what can I do, is there something I can do to make it all stop? What are some of your brute force settings?

thank you

Do you see this when attempting to login to WHM as root, or into WHM/cPanel as a regular user? What is your full cPanel version number?

**iLLuSi0nS** · 06-10-2009 02:46 PM

Originally Posted by cpanelkenneth

Do you see this when attempting to login to WHM as root, or into WHM/cPanel as a regular user? What is your full cPanel version number?

Both, root and cpanel user, it temp bans me for like 10 minutes. But I am on the whitelist, I dont see why it would do this

**iLLuSi0nS** · 06-10-2009 02:51 PM

nevermind, I thought I was on the whitelist, just checked my IP and it has changed since putting it on the whitelist...It hasnt changed in 2 years, thanks, I set it to 10 logins per account and 9 per IP

**cpanelkenneth** · 06-10-2009 02:58 PM

Originally Posted by iLLuSi0nS

nevermind, I thought I was on the whitelist, just checked my IP and it has changed since putting it on the whitelist...It hasnt changed in 2 years, thanks, I set it to 10 logins per account and 9 per IP

Glad you were able to resolve this.

LinkBack

Thread Tools

Brute force

Brute Force Protection

Brute Force

Brute Force

Brute Force SUCKS!

Brute Force Q