The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Brute Force protecion problem

Discussion in 'General Discussion' started by upsforum, Nov 21, 2008.

  1. upsforum

    upsforum Well-Known Member

    Joined:
    Jul 27, 2005
    Messages:
    446
    Likes Received:
    0
    Trophy Points:
    16
    I have a problem with Brute Force protecion.

    From 20 hours ago I don't can access to WHM, I receive this message:

    Brute Force Protection
    This account is currently locked out because a brute force attempt was detected. Please wait 10 minutes and try again. Attempting to login again will only increase this delay. If you frequently experience this problem, we recommend having your username changed to something less generic.

    I don't understand this problem, with SSH console I can access with root privileges but in WHM I cannot
     
  2. hightekhosting

    hightekhosting Active Member

    Joined:
    Aug 12, 2007
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    1
    Have your tried accessing from another IP/network to see if you can get in?

    Worst case scenario....lodge a ticket with cPanel and their techs can fix you up pronto :)

    Cheers,

    Dale
     
  3. PDW

    PDW Well-Known Member

    Joined:
    Dec 29, 2003
    Messages:
    119
    Likes Received:
    0
    Trophy Points:
    16
    try disabling the firewall temporarily to see if thats the cause. Put your IP int he trusted access list.
     
  4. upsforum

    upsforum Well-Known Member

    Joined:
    Jul 27, 2005
    Messages:
    446
    Likes Received:
    0
    Trophy Points:
    16
    I disable and flush Brute Force Proteciont from WHM.

    Bu I thing, is I don't access to WHM How I disable and /or flush Brute Force from SSH console?
     
  5. stdout

    stdout Well-Known Member

    Joined:
    Apr 10, 2003
    Messages:
    189
    Likes Received:
    5
    Trophy Points:
    18
    Location:
    Nelspruit, Mpumalanga, South Africa
    cPanel Access Level:
    Root Administrator
    Assuming you're using CSF and not APF + BFD, you'de simply issue the command:
    Code:
    csf -a <ipaddr>
    The above command will whitelist the IP and also remove it from the denylist (if present).

    I recommend APF + BFD (rfxnetworks.com) as a friendlier alternative to CSF.
    However you do lose the option to block an IP for a specific time which I like.
     
  6. rhenderson

    rhenderson Well-Known Member

    Joined:
    Apr 21, 2005
    Messages:
    785
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Oklahoma
    cPanel Access Level:
    Root Administrator
    Hi,

    I am not using CPHulkd but I did a locate and did find the the following:

    /usr/local/cpanel/etc/init/stopcphulkd Which will stop the process

    /usr/local/cpanel/etc/init/startcphulkd to start
    /scripts/cphulkdwhitelist to whitelist

    You could always just whitelist your IP
     
  7. vincentg

    vincentg Well-Known Member

    Joined:
    May 12, 2004
    Messages:
    140
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    new york
    I just ran into a problem with brute force.

    Having every once in a while some hacker trying to login as root I tried to restrict the IP for SSH.

    This seemed like a good idea but I found out that when both are set you have big problems.

    Every SSH attempt will trigger brute force.

    So best to just turn off brute force if you limit what IP can login with SSH
     
Loading...

Share This Page