The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

cPHulk - Maximum Failures before IP blocked for two weeks - what period?

Discussion in 'Security' started by cpangs, Aug 30, 2014.

  1. cpangs

    cpangs Registered

    Joined:
    Aug 30, 2014
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    The main question in the post

    cPHulk - Maximum Failures before IP blocked for two weeks - what period??

    was never answered, so this is a kick to stimulate that. I'll add the following sub-question: Do those rules apply to explicitly whitelisted IP addresses? Here is the text from the unanswered part of original post:

    (The very last question is particularly well put.)
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    648
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    This is answered in our documentation:

    cPHulk Brute Force Detection

    In particular, this part answers your questions:

    Enter the number of minutes in which cPHulk measures an attacker's log in attempts in the IP Based Brute Force Protection Period in minutes text box. If an attacker at a specific IP address attempts to log in repeatedly, they will reach the defined number of login attempts within this configured time. cPHulk will consider this a brute force attempt, and will block the attacker's IP address.

    Enter the number of minutes over which cPHulk measures all login attempts to a specific user's account in the Brute Force Protection Period in minutes text box. If several potential attackers attempt to log in and reach that account's defined number of login attempts within this configured time, regardless of IP address, cPHulk will consider this a brute force attempt. All IP addresses will no longer be able to log in to the cPanel user's account. In addition, cPHulk will lock the cPanel user's account.

    Thank you.
     
Loading...

Share This Page