The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Block IP addresses at the firewall level - Safe to uncheck?

Discussion in 'Security' started by glauco, Feb 23, 2016.

  1. glauco

    glauco Member

    Joined:
    Aug 26, 2011
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    Ok, I know you should never do anything to compromise security. My problem is, the more clients I sign up to my VPs, the more time I seem to waste unblocking morons who can't follow the simple instructions I send them for setting up email accounts, or decide to use their phone's auto-setup (which never works) and get themselves locked out.
    Whitelisting IPs isn't a viable option, all my clients are UK based and most (if not all) internet providers here assign dynamic IPs that get refreshed on a daily basis.
    I am really, really tempted to uncheck "Block IP addresses at the firewall level if they trigger brute force protection" in the cPHulk configuration, so at least when I send clients their email settings I can say "if you mess it up, you'll get locked out for a few minutes, check your settings and try again later, until you get it right" instead of having to manually unblock them every time.
    My question is: how risky is this policy? Realistically, is my server still safe if genuinely malicious IPs only get locked for a limited time rather than permanently, or is this setting really necessary for complete safety? Obviously I don't want any disasters, but I would love to spend less time dealing with stupid enquiries.
    Thanks!
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    Are you utilizing CSF to help block brute force attacks? If so, it's unlikely you are sacrificing very much security when disabling this option in cPhulkd, as CSF should pick up the attacks.

    Thank you.
     
  3. glauco

    glauco Member

    Joined:
    Aug 26, 2011
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    Yes CSF is installed though I've not done any configuration on it. The "check server security" button highlights a lot of options I need to check. As long as I configure CSF properly, I can go ahead and disable that option?
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Yes, the option to block IP addresses in cPHulk is not required, so you can disable it if you prefer to use CSF to prevent these types of attacks.

    Thank you.
     
Loading...

Share This Page