SOLVED cPHulk Brute Force Protection - What are the Blacklist Options?

L

LordLiverpool

Well-Known Member
Dec 27, 2014
57
11
8
cPanel Access Level
Root Administrator
Hello cPanel

When someone tries a Brute Force Attack on my server I get an email to say they've been temporarily blocked, in accordance with my cPHulk settings. I'm given the 4 choices of permanently adding the IP address to a Whitelist/Blacklist? (Blacklist of course!!!)
  1. Block just the offending IP address e.g. 255.255.255.1
  2. Block the offending IP address and the adjacent ones in its immediate range e.g. 255.255.255.0 to 255.255.255.255
  3. Block with a /24 on the end, this seems to do the same as Option 2.
  4. Block with a /16 on the end, this seems to do the same as Option 2.
Can someone please clarify exactly what the /24 and /16 options do? Surely they do something different?!?

I've tried Googling for an answer but haven't found anything clear.

(See Image Attached)

Thanks in advance.

01 Brute Force.PNG
 
L

LordLiverpool

Well-Known Member
Dec 27, 2014
57
11
8
cPanel Access Level
Root Administrator
@cPanelMichael

Thanks for replying. I've read those links, thanks very much.

So this is my fresh understanding, please confirm if I'm correct or not.

CIDR.JPG

Each option would appear to progressively block larger numbers of IP addresses from 1 up to 65536 addresses.

If I’ve understood CIDR correctly; then what is the difference between Option 2 (IANA Netblock) and Option 3 (/24) ?

I ask myself; surely I must be wrong because why would cPanel offer two options that did the same thing?

Am I missing something? If I've misunderstood please set me straight, I’d really appreciate it.

Best Regards
 
Last edited:
C

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,908
2,218
463
Hello,

It's possible the IANA Netblock will match the /16 class in some cases, however it doesn't always match because IANA Netblocks will differ depending on the specific network. Thus, we provide the IANA Netblock value as a convenience for administrators, even if it sometimes matches one of the other options.

Thank you.
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
D cPHulk Brute Force Blacklist limit 200 only? Security 3
M How to reference IP, ISP, data from cpHulk brute force emails in a command to append offenders to a csv list Security 3
R cPHulk Brute Force Protection Blocking My Email When I Am Trying From Non Whitelisted IP Address Security 9
J cPHulk Brute Force Protection Security 3
P cPHulk Brute Force Protection whitelist error Security 4
Similar threads
cPHulk Brute Force Blacklist limit 200 only?
How to reference IP, ISP, data from cpHulk brute force emails in a command to append offenders to a csv list
cPHulk Brute Force Protection Blocking My Email When I Am Trying From Non Whitelisted IP Address
cPHulk Brute Force Protection
cPHulk Brute Force Protection whitelist error
Top Bottom