SOLVED [CPANEL-23096] Display a warning when cPHulk brute force protection periods are higher than 1440

Daniel Villela

Registered
Oct 4, 2017
4
1
3
Brasil
cPanel Access Level
Root Administrator
I´m trying to disable cPHulk´s Username-based Protection.
cphulk_01.gif

But when i click the disable button
cphulk_02.gif

and save,the settings are not saved.
cphulk_03.gif


I reload the page and Username-based Protection continue enabled.

Is there any way to repair the cPHulk installation or any command line to disable Username-based Protection?

Thanks in advance!
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,908
2,216
463
Hello,

Can you let us know of any specific output to /usr/local/cpanel/logs/error_log after clicking the "Save" button?

Thank you.
 

Daniel Villela

Registered
Oct 4, 2017
4
1
3
Brasil
cPanel Access Level
Root Administrator
I did the procedure by clicking the save button but analyzing the log file and did not generate information about this action and no evidence of error.

I got the information from the log file with today's date (2018/03/02).
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,908
2,216
463
Hello,

Could you open a support ticket using the link in my signature so we can take a closer look?

Thank you.
 

raysolomon

Active Member
Oct 12, 2006
29
2
153
cPanel Access Level
Root Administrator
It took me some time to figure this out by finally experimenting with all the options.

The problem for me is that long ago I had set the "Brute Force Protection Period (in minutes)" to a value higher than 1440. Make sure that value is 1440 or lower.

Make sure you do the same with the "IP Address-based Brute Force Protection Period (in minutes)" too.

After that, the save button should work again.

I think prior to WHM version 68, it allowed for any value higher above 1440, but not anymore.

Currently the cphulk configuration page doesn't check for invalid values on page load.

Hope that helps someone else out. I couldn't find anybody else talking about this issue.
 
Last edited:

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,908
2,216
463
Hello @raysolomon,

Thank you for your report. With that information, I was able to reproduce the issue and open internal case CPANEL-23096 to report the problem. I'll monitor this case and update this thread with more information as it becomes available. In the meantime, as you noted the workaround is to enter a value less than or equal to 1,440 in fields related to the brute force protection period.

Thank you.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,908
2,216
463
Hello,

To update, this is fixed in cPanel & WHM version 76:

Fixed case CPANEL-23096: cPHulk: Ensure invalid configuration values are marked upon load.

Thanks!