cPHulk Brute Force blocked root because of server IP

martynh

Active Member
Oct 6, 2009
32
0
56
Hi all never had this before but I have just received an email letting me know root has been blocked because of a cPHulk Brute Force detection... I have had a few of these in the past but it seems to be from the servers main IP address

10 failed login attempts to account root (system) -- Large number of attempts from this IP: XX.XX.XX.XX

Why would this be the servers IP doing this, is this an internal attack or something

sorry bit new to cpanel

thanks
martyn
 

PCZero

Well-Known Member
Dec 13, 2003
735
92
178
Earth
This has been happening to a lot of users. You need to SSH to your server and stop the CPHulk process. You may have to put in a support ticket to have your server provider to do this. To have it completely resolve, I had to run the cpanel update again and use the force option. After that I was able to restrat CPHulk in WHM and all was well.