The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

cPhulk blocking 0.0.0.0

Discussion in 'Security' started by fabin, Mar 11, 2015.

  1. fabin

    fabin Active Member

    Joined:
    Nov 27, 2009
    Messages:
    29
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Gods Own Country
    Today, I couldn't login to my server using SSH and WHM. I had to disable cphulk from rescue mode in order to get the access back.

    On checking the cphulk report, I could see that 0.0.0.0 is blocked. See screenshot attached. Why is 0.0.0.0 blocked?
     

    Attached Files:

  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    648
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello,

    Is there any traffic identified as 0.0.0.0 aimed at the server? You may want to install tcpdump and run the following command to see if that's the case:

    Code:
    tcpdump -nnvv host 0.0.0.0
    If you see data, check for the Client-Ethernet-Address from the output and determine if it's from your own server:

    Code:
    ifconfig|grep [Client-Ethernet-Address-Here]
    Thank you.
     
  3. ds00424

    ds00424 Member

    Joined:
    Apr 10, 2015
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Internet
    cPanel Access Level:
    Root Administrator
    I heard from Bluehost that there is a bug with a signature similar to trouble mentioned here. cphulk is erroneously getting the connecting IP as 0.0.0.0 and then blocking it. I was unable to ssh log into my Bluehost system. They turned off cphulk and then I could log in. Said it was a known bug and were working with cPanel to get it resolved.

    Is there a defect i can watch to know when it is fixed?
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    648
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    There's an open case regarding the use of "su" to access root, but not for the issue described by the original poster. Could you have your hosting provider let you know the case number they are referring to?

    Thank you.
     
Loading...

Share This Page