cphulk lock out without failed logins

rene123 · Jan 28, 2014

This problem is getting pretty annoying. I get locked out from WHM (only) quite often nowadays. My other cpanel control panels works as usual, it's always the root account that's get blocked (from ssh also). I haven't tried to login for a week or so. Got a new ip probably in that time from my ISP.

If I wait a day or so the problem is solved. How can this be? Can cphulk block the whole account rather then just IPs? How to fix?

rene123 · Jan 28, 2014

mokey. Actually solved the problem partially:
How to add a user to the sudoers list | USB Pen Drive Linux

Login as the new user and :
sudo /usr/local/cpanel/bin/cphulk_pam_ctl --disable
sudo /usr/local/cpanel/etc/init/stopcphulkd

WHM now works. Flush cphulk database and disable/enable cphulk again from whm.

Anyway, still dont know why cphulk locks me out without even trying to login?

cPanelMichael · Jan 28, 2014

Yes, cPHulk will block authentication for a username, and not simply for the IP address that attempted the brute force attempt. This is by design. The workaround you referenced is suitable in the event you are unable to access SSH as "root".

Thank you.

Thread starter	Similar threads	Forum	Replies	Date
F	cPHulk - Blacklisted IPs Still Appear In The One-Day Blocks History Report	Security	2	May 14, 2023
N	cpHulk locked root	Security	1	Aug 12, 2022
A	CPHulk country block not working	Security	3	Apr 7, 2022
S	Cphulk - not blocking "[WARNING] Sorry, cleartext sessions and weak ciphers" IPs	Security	2	Nov 27, 2021
L	cPHulk - How to remove temporarily blocked IPs without clearing the whole list?	Security	6	Sep 30, 2015

Search

Search

cphulk lock out without failed logins

rene123

Active Member

rene123

Active Member

cPanelMichael

Administrator