SOLVED [CPANEL-23096] Display a warning when cPHulk brute force protection periods are higher than 1440

Daniel Villela · Mar 2, 2018

I´m trying to disable cPHulk´s Username-based Protection.

But when i click the disable button

and save,the settings are not saved.

I reload the page and Username-based Protection continue enabled.

Is there any way to repair the cPHulk installation or any command line to disable Username-based Protection?

Thanks in advance!

cPanelMichael · Mar 2, 2018

Hello,

Can you let us know of any specific output to /usr/local/cpanel/logs/error_log after clicking the "Save" button?

Thank you.

Daniel Villela · Mar 2, 2018

I did the procedure by clicking the save button but analyzing the log file and did not generate information about this action and no evidence of error.

I got the information from the log file with today's date (2018/03/02).

cPanelMichael · Mar 2, 2018

Hello,

Could you open a support ticket using the link in my signature so we can take a closer look?

Thank you.

raysolomon · Sep 13, 2018

It took me some time to figure this out by finally experimenting with all the options.

The problem for me is that long ago I had set the "Brute Force Protection Period (in minutes)" to a value higher than 1440. Make sure that value is 1440 or lower.

Make sure you do the same with the "IP Address-based Brute Force Protection Period (in minutes)" too.

After that, the save button should work again.

I think prior to WHM version 68, it allowed for any value higher above 1440, but not anymore.

Currently the cphulk configuration page doesn't check for invalid values on page load.

Hope that helps someone else out. I couldn't find anybody else talking about this issue.

cPanelMichael · Sep 19, 2018

Hello @raysolomon,

Thank you for your report. With that information, I was able to reproduce the issue and open internal case CPANEL-23096 to report the problem. I'll monitor this case and update this thread with more information as it becomes available. In the meantime, as you noted the workaround is to enter a value less than or equal to 1,440 in fields related to the brute force protection period.

Thank you.

cPanelMichael · Oct 22, 2018

Hello,

To update, this is fixed in cPanel & WHM version 76:

Fixed case CPANEL-23096: cPHulk: Ensure invalid configuration values are marked upon load.

Thanks!

Thread starter	Similar threads	Forum	Replies	Date
K	In Progress CPANEL-42899 - Header Response	Security	8	Saturday at 1:18 PM
B	Server's own IP in cpHulk reporting system cpaneld auth failure?	Security	13	May 13, 2023
A	AutoSSL not generating certificate for domains with previous external certificates (cPanel or ZeroSSL), even after expiration or deletion	Security	1	Apr 27, 2023
	/usr/local/cpanel/bin/rebuild_sprites can be run as capnel user?	Security	1	Apr 24, 2023
S	Rooted Status and cPanel Washing its Hands of Us	Security	6	Apr 18, 2023

Search

Search

SOLVED [CPANEL-23096] Display a warning when cPHulk brute force protection periods are higher than 1440

Daniel Villela

Registered

cPanelMichael

Administrator

Daniel Villela

Registered

cPanelMichael

Administrator

raysolomon

Active Member

cPanelMichael

Administrator

cPanelMichael

Administrator