CPHulk blocked my server which hosts WHMCS for failed login attempts to account root

T

texas90

Member
Jun 10, 2014
22
0
1
cPanel Access Level
Root Administrator
I find this wierd.
How can WHMCS try to login with a WRONG password? While I am using the hash key not username and passowrd in WHMCS.
My WHMCS IP is in the list of blocked IPs by CPHulk and it says
""failed login attempts to account root (system) -- Large number of attempts from this IP""

What is going on?
 
D

danrussell

Well-Known Member
Nov 5, 2014
61
4
58
cPanel Access Level
Root Administrator
Hi :),

It appears that your WHMCS installation to be infected by some malware, which is causing the Fake attempts to the server for root user.

Scan the WHMCS installation for Malware and viruses. Also patch the latest version of WHMCS to avoid this in Future.
 
T

texas90

Member
Jun 10, 2014
22
0
1
cPanel Access Level
Root Administrator
My WHMCS installation is up to date and I think it is unlikely that WHMCS would get infected with maleware.

Can someone from cPanel tell me whats going on??
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
K The last attempt to update cPanel & WHM was blocked. Account Administration 1
W cPanel IP/DNS blocked in Gmail Account Administration 3
Jafar Muhammed cPanel update blocked due to disk space available issue Account Administration 6
D cphulk 11.50+ : remove IP via ssh connection Account Administration 3
durangod whmcs domainsync is getting blocked as a suspicious process Account Administration 3
Similar threads
The last attempt to update cPanel & WHM was blocked.
cPanel IP/DNS blocked in Gmail
cPanel update blocked due to disk space available issue
cphulk 11.50+ : remove IP via ssh connection
whmcs domainsync is getting blocked as a suspicious process
Top Bottom