cPHulk Failed Attempts from new IPs everyday

P

phoxlabs

Registered
Nov 1, 2013
3
0
1
cPanel Access Level
Root Administrator
I have a dedicated server with a few accounts on it with cPHulk enabled hosted at a Colo. I get about 15 notifications everyday saying that there was "Large number of attempts from IP XXX.XXX.XXX.XXX", all from random countries around the world.

I have strong passwords setup and everything is running fine but my question is, is this normal? Are these just bots out there scanning IPs with open ports and just trying to brute force to attach an account?

Should I install another layer of security? Ignore the notifications?

As they have come in, I have blacklisted them so far.
 
cPanelMichael

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,880
2,268
463
Hello :)

Yes, this is quite typical. I recommend installing a third-party firewall application such as CSF if you have not done so already.

Thank you.
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
C How to export all failed IPs from cpHulk into txt/csv? Security 2
R SOLVED [CPANEL-25503] cPHulk is one-day blocking whitelisted address for maximum failed authentications Security 6
B SOLVED cpHulk failed attempts list is now permanently empty? Security 12
C cPHulk reports many failed login attempts Security 5
natong cPHulk Brute Force Protection CANNOT protect Large Number of Failed Login Attempts Security 12
Similar threads
How to export all failed IPs from cpHulk into txt/csv?
SOLVED [CPANEL-25503] cPHulk is one-day blocking whitelisted address for maximum failed authentications
SOLVED cpHulk failed attempts list is now permanently empty?
cPHulk reports many failed login attempts
cPHulk Brute Force Protection CANNOT protect Large Number of Failed Login Attempts
Top Bottom