The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

cphulk lock out without failed logins

Discussion in 'Security' started by rene123, Jan 28, 2014.

  1. rene123

    rene123 Active Member

    Joined:
    Feb 20, 2009
    Messages:
    26
    Likes Received:
    0
    Trophy Points:
    1
    This problem is getting pretty annoying. I get locked out from WHM (only) quite often nowadays. My other cpanel control panels works as usual, it's always the root account that's get blocked (from ssh also). I haven't tried to login for a week or so. Got a new ip probably in that time from my ISP.

    If I wait a day or so the problem is solved. How can this be? Can cphulk block the whole account rather then just IPs? How to fix?
     
  2. rene123

    rene123 Active Member

    Joined:
    Feb 20, 2009
    Messages:
    26
    Likes Received:
    0
    Trophy Points:
    1
    mokey. Actually solved the problem partially:
    How to add a user to the sudoers list | USB Pen Drive Linux

    Login as the new user and :
    sudo /usr/local/cpanel/bin/cphulk_pam_ctl --disable
    sudo /usr/local/cpanel/etc/init/stopcphulkd

    WHM now works. Flush cphulk database and disable/enable cphulk again from whm.

    Anyway, still dont know why cphulk locks me out without even trying to login?
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Yes, cPHulk will block authentication for a username, and not simply for the IP address that attempted the brute force attempt. This is by design. The workaround you referenced is suitable in the event you are unable to access SSH as "root".

    Thank you.
     
Loading...

Share This Page