cPHulk Ban Questions

W

workingl

Registered
Nov 15, 2016
1
0
1
US
cPanel Access Level
Website Owner
I've got over a hundred login attempts on some IP's - but I thought I got cphulk set up to limit how many attempts before ban...

I have Maximum Failures per IP Address in cphulk set to defualt: 5
Maximum Failures per IP Address before the IP Address is Blocked for One Day: 30

Typical in my login_log file is to see way more than 30 or 5 of the same lines:

[2016-11-11 15:41:55 +0000] info [cpsrvd] 198.71.86.113 - [username] "POST /login/?login_only=1 HTTP/1.1" DEFERRED LOGIN cpaneld: brute force attempt (user [username]) has locked out IP 198.71.86.113 (2)

If they've been locked out trying to brute force with the same IP and [username] why isn't cphulk banning the ip?
 
cPanelMichael

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,880
2,258
463
Hello @workingl,

cPHulk will only block the IP address at the firewall level when the following option is enabled under "One-Day Blocks" or "IP Address-based Protection":

"Block IP addresses at the firewall level if they trigger brute force protection"

Note this option is not available on Virtuozzo environments. Documentation on cPHulk Brute Force Protection is available at:

cPHulk Brute Force Protection - Documentation - cPanel Documentation

Thank you.
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
E SOLVED Remove IP Address from cPHulk Whitelist via cli/terminal? Security 8
T cpHulk security warning on deactived sshd service. Security 2
kiozix How to ban lifetime with cphulk Security 2
P Setting up CPhulk to ban for 3 months Security 15
A How to show ip banned in blacklist cPHulk? Security 4
Similar threads
SOLVED Remove IP Address from cPHulk Whitelist via cli/terminal?
cpHulk security warning on deactived sshd service.
How to ban lifetime with cphulk
Setting up CPhulk to ban for 3 months
How to show ip banned in blacklist cPHulk?
Top Bottom