The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Cphulk Has Totally Rendered Both My Whm And Ssh Connection Useless? :(

Discussion in 'Security' started by PhoenixUK, Jul 31, 2015.

  1. PhoenixUK

    PhoenixUK Member

    Joined:
    Sep 15, 2013
    Messages:
    21
    Likes Received:
    1
    Trophy Points:
    3
    cPanel Access Level:
    Root Administrator
    I've been having intermittent issues lately whereby I narrowed it down upon finally getting access to my WHM, and cphulk was the offending feature.

    Now I'm rendered totally login-less, as both WHM and my SSH connection via putty will not accept my credentials.

    I've spoken to my host who whilst they've tried to help, can't go any further without a sizeable fee, as it's an "unmanaged" product. They said apparently that they tried re-enabling password authentication through the sshd_config file, but they were also still not able to login unfortunately.

    Then they suggested the following;

    "The only other alternative would be to purchase a replacement server, then copy everything across. We can mount the image for this old server on the new server as a 2nd hard drive if necessary, as that would make the data migration process a lot easier for you.

    If you wish to go down the route of setting up a replacement server, please let us know before you complete the checkout process, so we can make sure the new server is built on the same kvmhost".

    They also tried getting me to put the server in to single user mode, but the problem with that is it won't accept my password, this is so frustrating it's untrue and I knew I should just have left cphulk disabled the other night, when I first ran in to these problems but they didn't lock me out 100% like now.

    I would like to know if there's any other way at all that can be attempted before I choose what my next move is... life really is a biatch right now! :(

    I look forward to hopefully hearing form somebody soon.

    P.S. I can't even raise an official cPanel support ticket, as I can't create a support ID, as I don't currently have access to the WHM to be able to make the link.
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,447
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
  3. ModServ

    ModServ Well-Known Member

    Joined:
    Oct 17, 2006
    Messages:
    332
    Likes Received:
    5
    Trophy Points:
    18
    Location:
    Egypt
    cPanel Access Level:
    Root Administrator
    Recovery mode > mount hard disk > chroot > disable cphulk > reboot
     
  4. PhoenixUK

    PhoenixUK Member

    Joined:
    Sep 15, 2013
    Messages:
    21
    Likes Received:
    1
    Trophy Points:
    3
    cPanel Access Level:
    Root Administrator
    In effect yes, then when everything is ported over, I'd cancel the first product and go forward with the newer accessible one. In all fairness, it is an 'unmanaged' product and I'm still very much learning, often it's only when things happen or go belly up, does one get the time to learn etc.

    Many get slated on forums for "why have a vps or dedicated server when you don't know jack kind of attitude"... so if any other those sorts of posters 'are' about, I will don my tin hat and say everybody is different, has different levels in everything we all do in life but we should all still be able to try to learn to the best of our abilities, in whatever we chose... well so long as it's a legal choice lol.

    Anyway, I've passed on the above messages from you both to them, thank you much appreciated and I will see what they say but prob come back with the same line as a short time ago about the £75per hour if I want to keep trying to solve my current vps issues.

    I've never had a bad word to say about this host for YEARS, in all fairness - always been spot on, so I don't feel like they're trying to shaft me, probably just feel I've had enough support ticket responses during today, again considering it's sold as an 'Unmanaged' product.

    I will keep you informed but don't think they will change their mind this time around.

    Regards,
     
  5. ModServ

    ModServ Well-Known Member

    Joined:
    Oct 17, 2006
    Messages:
    332
    Likes Received:
    5
    Trophy Points:
    18
    Location:
    Egypt
    cPanel Access Level:
    Root Administrator
    If they put your server in recovery mode (It doesn't cost a dime), then you will be able to restore your access with no time.

    About "why have a vps or dedicated server when you don't know jack kind of attitude", I disagree people who write this kind of stuff because everyone has his first time in everything, If someone is expert in Linux don't you think his first time was disaster and he was like an idiot don't know where to go and what to do? Don't consider replying to this kind of stuff and continue on your way.

    Waiting your feedback.

    Best regards,
     
  6. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,447
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Well, if you're learning, that's one thing. But you thread title doesn't give any indication of that, or maybe it does.

    Unmanaged doesn't mean they shouldn't help you when you lock yourself out of the server though, I don't think. Or at least, know where the docs are for a product they offer.

    Sounds to me like you had some other sort of issue(s) here, cPHulk being only a part of the problem.

    Good luck with this!
     
  7. PhoenixUK

    PhoenixUK Member

    Joined:
    Sep 15, 2013
    Messages:
    21
    Likes Received:
    1
    Trophy Points:
    3
    cPanel Access Level:
    Root Administrator
    Modserv,

    Thanks for the above and they've come back saying there were crossed wires when it was passed between support reps;


    "My sincere apologies for the confusion, I was investigating this as if it were an issue with your SSH configuration. I had assumed cPHulk had been checked before this got passed to me, unfortunately this wasn't the case! (I did also get some rather confusing error messages after using the passwd command, which distracted me further)

    Disabling cPhulk has now fixed this. My sincere apologies for the delays with regards to this.

    Here's the commands I used to do this, in case you need to revert this:

    root@vps [/]# /usr/local/cpanel/etc/init/stopcphulkd
    Service “cphulkd” is already stopped.
    cphulkd stopped successfully.
    root@vps [/]# /usr/local/cpanel/bin/cphulk_pam_ctl --disable
    root@vps [/]#


    Your server's root password has also been reset to (taken out obviously for posting here), although you shouldn't need that if you use key authentication"​

    So I've just asked for clarification of what process I'm to try logging in with, the normal WHM or SSH ways as I could before cphulk started getting aggressive with my IP etc, or the previously mentioned single user mode and setting it all up that way.

    I will await their clarification on this and see where it takes me, hopefully I will be able to recover and then utilise you guys to try and understand exactly what is happening with cphulk, as I do believe it's the culprit.

    Thanks in advance for your thoughts above. :)

    Regards,​
     
  8. PhoenixUK

    PhoenixUK Member

    Joined:
    Sep 15, 2013
    Messages:
    21
    Likes Received:
    1
    Trophy Points:
    3
    cPanel Access Level:
    Root Administrator
    Oh I'm most definitely learning and doing more than i'd previously touched / tinkered with in this past week or two but it's slow going sometimes, a steep but fun learning curve lol.

    In past chats with my host about this approx 4 or 5 days ago, they seem to believe even though I'm whitelisted within cphulk etc - as my home internet doesn't deliver a true dedicated IP address (UK it's crap, can only get those if on a business account) and nor does my hosting have a true static / deidcated IP address, cphulk may not be liking this and the best route maybe to get a dedicated IP from them and make use of it... something to that effect.

    I'm not saying it's 100% cphulk but it's presented the same issues I had during a roundcube mail login issue in the last week, once I got back in, disabled cphulk boom it was all back to normal. I then made sure I was whitelisted, searched and read about what other settings to tweak in cphulk and then enabled cphulk before going to bed... little did I know I'd obviously still not got it firing 100% perfect and hence now the currently total lockdown.

    Thanks for the message, much appreciated.
     
  9. PhoenixUK

    PhoenixUK Member

    Joined:
    Sep 15, 2013
    Messages:
    21
    Likes Received:
    1
    Trophy Points:
    3
    cPanel Access Level:
    Root Administrator
    OK I'm in WHM via my smartphone, (I'd read somebody else on here try that) with home wifi deactivated whilst I try this, so connecting to WHM through my mobile internet and it's own IP... and it works... so it seems to be my home wireless IP that's causing the problem, as I'm still not able to access WHM via my laptop and I'm using the same access details as outlined above and that work if via my mobile internet... weird

    Ok, so can somebody please help me out by explaining exactly what I need to do to sort cphulk out, so I don't lose any real security of the server but can try to stop this happening in future... it would be much appreciated?

    I'm working with CentOS 6.6 / WHM 11.50.0 (Build 29) and Apache 2.4 if that may help, or not as the case maybe. :)

    Thanks.
     
  10. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,447
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Sure, visit the whitelist tab in cPHulk and your current IP will be captured and added automagically. While you're there, add your home IP.

    On Blacklist tab, clear the entries, assuming you're on it.

    Do you have CSF installed? If yes be sure to add your home IP (and mobile IP) to the ignore list there as well.
     
  11. PhoenixUK

    PhoenixUK Member

    Joined:
    Sep 15, 2013
    Messages:
    21
    Likes Received:
    1
    Trophy Points:
    3
    cPanel Access Level:
    Root Administrator
    Hi There,

    Thanks for the reply, can I just clarify you mean the public IP address for my home IP, as in the external one that shows up when one does a whatsmyip search for e.g. - as I believe if I've read correctly this evening, an internal IP won't make one bit of difference and it's dynamic anyway as previously mentioned, never truly static unless you're luck enough to run a business and can afford one.

    I don't have CSF but did read a little on other threads about it. I need to go to the actual resource now and read up but won't install CSF require SSH access, as currently I can get in via WHM now finally but can't access the same root account via SSH as yet, still working on it.

    Regards,
     
  12. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,447
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Yes.

    Yes.

    HTH! :)
     
Loading...

Share This Page