Access WHM page through differnet port?

Is there another way to access WHM page than https://www.domain.com:2087? I have locked ports 2080-3000 and allows only access from particular IPs but it looks like today I have got Large Number of Failed Login Attempts message so it means someone used another port to access WHM page.

Any clue?

Thanks

 

Here:

Code:

3 failed login attempts to account blabla (system) -- Large number of attempts from this IP: 184.22.210.250

Reverse DNS: 184-22-210-250.static.hostnoc.net

Origin Country: United States (US)

Please use the following links to add to the black list:

Single Ip: https://www.mydomain.com:2087/cgi/bl.cgi?ip=184.22.210.250
       /24: https://www.mydomain.com:2087/cgi/bl.cgi?ip=184.22.210.0/24
       /16: https://www.mydomain.com:2087/cgi/bl.cgi?ip=184.22.0.0/16



Please use the following links to add to the white list:

Single Ip: https://www.mydomain.com:2087/cgi/wl.cgi?ip=184.22.210.250
       /24: https://www.mydomain.com:2087/cgi/wl.cgi?ip=184.22.210.0/24
       /16: https://www.mydomain.com:2087/cgi/wl.cgi?ip=184.22.0.0/16

Above IP is not allowed on the firewall and somehow was able get to the WHM login page. I have tested access from ports range 2080-3000 and I wasn't be able to reach WHM login page only when accessing from proper IP.

 

But the question is how that person got to the WHM login page when port 2087 is locked?

 

Yes - a hardware firewall before the server.

PS.
It looks like cpHulk throws message on any failure even FTP not only WHM access. Can someone confirm that?