cphulk

I have a single cPanel server and it is currently protected by a Juniper SRX 300 Hardware Firewall and CPHulk. I would really like to remove the hardware firewall and go back to use CSF, but I am wondering if anyone can advise on what I would lose or gain in making the change? I know CSF can do...

Hi, not sure if this is directly related to the server switch I made 2 months ago from CentOS 6 to CentOS 7.5 but cpHulk failed attempts list is now permanently empty, altough cpHulk is activated. I'm used to seeing at least 10 failures an hour from China and such, so there's something wrong...

I was unable to access my own server because of "-ERR [AUTH] LOGIN DENIED -- COUNTRY IS BLACKLISTED" (that's what my email received, putty / WHM just deny access). I suppose that's because I'm using the new feature that sets a list of countries to deny instead of using my own list of IPs...

I've had cPHulk enabled for a few days now and have set it to block all countries except mine. In the History reports section, I have noticed that it works and has successfully blocked login attempts since the number of reports has gone down significantly. However I noticed that there are still...

The server does not currently monitor the “cPHulk Daemon” service. Should be enabled as a good practice?

Hello here : CLOUDLINUX 7.5 standard [is30] v70.0.51 with CSF/LFD due to non-stop brute-force on email-accounts, I've activated CPHulk and used the new tab "Countries Management" and did set a country to "blacklisted" : OK. But looking at the maillog, and the LFD blocking actions on imapd...

Hi, I am having a buggy issue with Cphulk, I am not able to save the configuration setting changes. Save button is dead/not working when I made any change to any config parameter like failure per ip, blocked per ip etc., its not allowing me to update those changes. Please let me know If any one...

cPhulkd seems to be the culprit in an issue that's locking up the server. From our logs: kernel: NMI watchdog: BUG: soft lockup - CPU#5 stuck for 22s! [cPhulkd - proce:4599] After a reboot, it's back again: kernel: NMI watchdog: BUG: soft lockup - CPU#4 stuck for 22s! [cPhulkd - proce:5572]...

Hi, I really like this feature too. I also have question, IS this feature blocking both frontend and backend OR just block backend (root access such as whm)? How do i block just backend and still allow users access frontend? Thank you

Hi, Noticed an unanswered thread over on Configserver forum which also applies to me. My Configserver "deny list" includes IPs which should have been blocked by cPHulk Country blacklists - is there an order of precedence in operation here where cPHulk Country blacklists only kick-in AFTER...

I've just started using the cPHulk Countries Management feature and wanted to say a word of "Thanks" to cPanel. :) I tested with initially blacklisting only 3 countries, who were the biggest culprits in the ConfigServer Deny list. After only 10 minutes, the cPHulk log file showed 26 blocked IPs...

I have a post open on the CSF forum, but I guess CSF devs don't monitor that forum as i've never seen an official answer, so I'm posting the same on here to see if anyone can explain. I see in my logs a small number of failed logins from an IP, which was then blocked in CSF at 00:04am...

In cPHulk's "History Reports", the "Failed Logins" report shows the IP address of each failed login. Perhaps also show the country.

Hi, There is a cli script to add a IP to the cphulk white list or black list : /scripts/cphulkdwhitelist or /scripts/cphulkdblacklist But now in cpanel 70, how I can add country to the whitelist/blacklist using cli commands? We work with ansible, and the "cli" is a must, we have to send a...

I love the new Countries Management feature in v. 70 CPHulk! Is there any performance penalty based on the number of countries blacklisted? It seems like ideally one would block all the countries except the one(s) where clients live.

Hello all, We are getting the same error in this 2 year old thread, so we are opening a new thread: cphulkd internal errors This is our version: 11.58.0.52 Apr 11 05:30:06 web1 dovecot: auth: Error: Cpanel::MailAuth: Brute force checking was skipped because cphulkd failed to process...

Hello, cphulk fail then recover every ~15 min What could be the problem ? I was reading on this forum a similar problem, the reason was low memory, but in my case I have free 6GB memory ram. Thank you for supporting :)

Please clarify this contradiction: cPHulk Brute Force Protection - Version 70 Documentation - cPanel Documentation This sounds like it's a PROTECTION period (as labeled). i.e. how long the block will last. "failures...within the Brute Force Protection Period" <= Now it sounds like this is...

hi i tried out imunify360 and also have installed cloudlinux for my server centos 7 with cagefs and kernel care the issue was to many false positives that it made one of my scripts to not work correctly, so I uninstalled only imunify360, and there modsec rules - now i dont see anyone IP as i...

I´m trying to disable cPHulk´s Username-based Protection. But when i click the disable button and save,the settings are not saved. I reload the page and Username-based Protection continue enabled. Is there any way to repair the cPHulk installation or any command line to disable...