Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

A lot of Brutes (Excessive Login Failures)

Discussion in 'Security' started by Ivanko#, Dec 10, 2014.

  1. Ivanko#

    Ivanko# Registered

    Joined:
    Sep 9, 2014
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Website Owner
    Hello all. This is my first post in cPanel forum. I am new WHM/cPanel user. I have VPS with CentOS. There i host only Wordpress sites. Security is beyond the scope of cPanel support but despite of that the saved me in one realy critical situation and help me several times. So i figure, I can post on formum, maybe someone will help.

    So, from first time I entered in WHM, in cPHulk, i saw a lot of Brutes (Excessive Login Failures). Each day i blacklist all that IP addresses manualy since i don't have money for CSF (ConfigServer Security & Firewall) which doest that automaticaly as i understud.

    I changed SSH port and when I done that, brutes stoped for few days. But they returned, and today there was like 40+ entries in cPHulk. Do you know what i should do? I don't want someone compromise server becouse these are not my website, there are few sites from serious companies which are depending on me.

    Like I said, I am using up-to-date Wordpress, with up-to-date licenced theme and plugins. I have renamed my wp-login.php page.

    All passwords for all ftp, cpanel, mail, wordpress are excelent 100% (generated). Any advice? Thank you very much!
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,585
    Likes Received:
    439
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    CSF is available to you on the ConfigServer website, there is no fee for it.

    It's doing its job. You want that.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. Ivanko#

    Ivanko# Registered

    Joined:
    Sep 9, 2014
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Website Owner
    I understand. Thanks!
     
  4. keat63

    keat63 Well-Known Member

    Joined:
    Nov 20, 2014
    Messages:
    1,037
    Likes Received:
    47
    Trophy Points:
    28
    cPanel Access Level:
    Root Administrator
    I'm also very new to this, a week old virgin.

    I created this list to add to the CPHULK blacklist.
    Since adding this list, I've not seen one single brute force attack listed.

    Take out the ones which correspond to you, so you don't blacklist yourself.

    Also install CSF, it's really easy to install.
    Once installed, find it at the bottom in plugins.
    Then apply one of the pre-configured profiles. ( i chose high security)

    Fine tune from there.

    - Removed -
     
    #4 keat63, Dec 10, 2014
    Last edited by a moderator: Dec 12, 2014
  5. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,585
    Likes Received:
    439
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Heck of a list you've got there. Where did you come up with that at? :rolleyes:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. keat63

    keat63 Well-Known Member

    Joined:
    Nov 20, 2014
    Messages:
    1,037
    Likes Received:
    47
    Trophy Points:
    28
    cPanel Access Level:
    Root Administrator
    belt and braces ;)

    or called making it up as you go along i guess, is there an easier way ?
     
    #6 keat63, Dec 11, 2014
    Last edited: Dec 11, 2014

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice