The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

cPHulk notification email links don't work

Discussion in 'Security' started by Bloke2, Feb 13, 2015.

  1. Bloke2

    Bloke2 Active Member

    Joined:
    Feb 4, 2015
    Messages:
    37
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    I get email notifications "Excessive Number of Failed Login Attempts from IP ..." When I click on the link in the email URL to add them to the black list it says it can't find the server. What do i need to change?
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    Could you let us know which version of cPanel is installed on your system? EX:

    Code:
    cat /usr/local/cpanel/version
    Thank you.
     
  3. Bloke2

    Bloke2 Active Member

    Joined:
    Feb 4, 2015
    Messages:
    37
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    11.48.0 (build 12) Maybe it has something to do with the firewall. What I have had to do was go to the link and copy the ip address and paste it in CPHulk.
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    The issue you have described should have been addressed with internal case number 160929 in cPanel version 11.48.0.11. Feel free to open a support ticket using the link in my signature so we can take a closer look. You can post the ticket number here so we can update this thread with the outcome.

    Thank you.
     
  5. Bloke2

    Bloke2 Active Member

    Joined:
    Feb 4, 2015
    Messages:
    37
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    I am not a cPanel customer so can I still open a ticket? Should I just try to upgrade cPanel?
     
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
  7. Bloke2

    Bloke2 Active Member

    Joined:
    Feb 4, 2015
    Messages:
    37
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    The error is because my hostname was not resolving to an IP address and I needed to set the hostname.
     
  8. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
  9. Bloke2

    Bloke2 Active Member

    Joined:
    Feb 4, 2015
    Messages:
    37
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    Is there anyway to set it up so these ip addresses get added automatically? Since I got the new server set up I get about 3 emails a day with ip addresses to add to the blacklist.

    Is this a normal about of "Excessive Number of Failed Login Attempts" emails?
     
  10. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    You can see all of the configuration options for cPhulk at:

    "WHM Home » Security Center » cPHulk Brute Force Protection"

    You only have to add the IP address to the blacklist if you want to block it permanently.

    Thank you.
     
  11. Bloke2

    Bloke2 Active Member

    Joined:
    Feb 4, 2015
    Messages:
    37
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    Ok so from what I can tell it won't add then automatically. So is there any harm if I don't add them to the blacklist? Is about 3 emails a day, is this a normal amount of email notifications?
     
  12. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    There's no normal amount of emails, as it just depends on how often brute force attempts are made on your server. You don't have to add those IP addresses to the blacklist unless you notice those same IP addresses continue to make brute force attempts.

    Thank you.
     
  13. Bloke2

    Bloke2 Active Member

    Joined:
    Feb 4, 2015
    Messages:
    37
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    Thanks. Just trying to be extra cautious. When I get the email it has three links. One is single IP, then /24 and /16 what should I enter? I was putting all three.
     
  14. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Those are provided in-case you want to block more than just the individual IP address:

    CIDR Notation

    Thank you.
     
Loading...

Share This Page