Brute Force blocked me. how to unblock with ssh?

Dreamy

Well-Known Member
Sep 16, 2008
52
0
56
# Solved # Brute Force blocked me. how to unblock with ssh? # Solved #

what kind of command in ssh terminal would show me list of blocked IP addresses?

how to unblock specified IP ?
 
Last edited:

robbie_troster

Well-Known Member
Mar 26, 2009
65
0
56
easiest thing to do is just restart your router. It'll change your IP for you.

Or

Restart the server and that will clear the brute force.

Or

Just wait until the time is up
 

cPanelTristan

Quality Assurance Analyst
Staff member
Oct 2, 2010
7,607
40
248
somewhere over the rainbow
cPanel Access Level
Root Administrator
Which brute force mechanism are you using? You can find the block in iptables by doing this:

/sbin/iptables -n -L|grep IP#

Where IP# is your IP#

If you know which firewall you are running and the brute force script is part of it, just cd to the location such as /etc/csf or /etc/apf and then egrep for your IP:

egrep IP# *

You'll find which files it placed the IP into. After that, then add your IP to the whitelist, which you should always do:

apf -a IP#
or
csf -a IP#

So you don't get blocked again.

Thanks.

[Edit] Guess you already got it figured out and you are using cphulk rather than LFD / BFD. You should still ensure to whitelist your IP, though.
 
Last edited:

Dreamy

Well-Known Member
Sep 16, 2008
52
0
56
easiest thing to do is just restart your router. It'll change your IP for you.

Or

Restart the server and that will clear the brute force.

Or

Just wait until the time is up
Im root user of the server and I should wait?!
I waited for 20 mins and it still says Im blocked.
how to unblock via terminal?

By the way I have STATIC IP on my router!

Edit: Fixed, I used following command..
# echo "delete from brutes; delete from logins;" | mysql cphulkd
 
Last edited:

labahost

Well-Known Member
May 4, 2004
56
0
156
Im root user of the server and I should wait?!
I waited for 20 mins and it still says Im blocked.
how to unblock via terminal?

By the way I have STATIC IP on my router!

Edit: Fixed, I used following command..
# echo "delete from brutes; delete from logins;" | mysql cphulkd
This helped me too. But the question is why I was blocked by "Brute Force" ? (Can it be because Firefox restores tabs opened by me?) But it wasn't happening before.
Also this command seems to remove blocking temporarily. Does it mean that I'm infected? (I'm accessing it from Ubuntu, so it's not probable) How otherwise this blocking can be triggered? (It seem to have very weird behavior)
 
Last edited: