SOLVED cphulk - period - protection or detection ?

Discussion in 'Security' started by ottdev, Mar 11, 2018.

  1. ottdev

    ottdev Well-Known Member

    Joined:
    Oct 1, 2013
    Messages:
    118
    Likes Received:
    4
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Please clarify this contradiction:
    cPHulk Brute Force Protection - Version 70 Documentation - cPanel Documentation

    This sounds like it's a PROTECTION period (as labeled). i.e. how long the block will last.

    "failures...within the Brute Force Protection Period" <= Now it sounds like this is a DETECTION period instead.
    "cPHulk locks the account for one minute for each attempt that you allow" <= and the number of failures is also used as the PROTECTION blocking minutes.

    Which is it? If I set 15 and 25 in these 2 boxes, is it
    25 failures within 15 minutes locks the user account for 25 minutes
    25 failures within 15 minutes locks the user account for 15 minutes

    i.e. the top box is both detection and protection period
    or the top box is detection only and bottom is failures and protection period
     
  2. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    45,183
    Likes Received:
    1,935
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Think of it in terms of "how many failed login attempts" are allowed in a specific "time frame". Let's say you use these settings:

    Brute Force Protection Period (in minutes) - 15
    Maximum Failures by Account - 25

    If 25 login failures occur for an account within a 15-minute window of time, then the account is locked. The number of minutes the account is locked corresponds to the Maximum Failures by Account setting. If it's set to 25, then the account is locked for 25 minutes.

    Thank you.
     
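The per-account rule described in the reply above, modelled as an added example that is not part of the original posts and is not cPHulk's own code. The class and function names are hypothetical, and two details are assumptions: failures arriving during a lock are not counted, and a failure exactly one full period old has left the window.

```python
from collections import deque


class AccountLockoutModel:
    """Toy model: N failures inside the period lock the account for N minutes."""

    def __init__(self, period_minutes, max_failures):
        self.period = period_minutes * 60   # detection window, in seconds
        self.max_failures = max_failures    # threshold AND lock length in minutes
        self.failures = deque()             # timestamps of recent failures
        self.locked_until = None

    def is_locked(self, now):
        return self.locked_until is not None and now < self.locked_until

    def record_failure(self, now):
        """Register a failed login at `now` (seconds); return True if locked."""
        if self.is_locked(now):
            return True                     # assumption: not counted while locked
        self.failures.append(now)
        # Drop failures that have aged out of the detection window.
        while self.failures and now - self.failures[0] >= self.period:
            self.failures.popleft()
        if len(self.failures) >= self.max_failures:
            # Lock length comes from the failure count, not from the period.
            self.locked_until = now + self.max_failures * 60
            self.failures.clear()
            return True
        return False


def simulate(period_minutes, max_failures, failure_times):
    """Return (lock_start, lock_end) in seconds, or None if never locked."""
    model = AccountLockoutModel(period_minutes, max_failures)
    for t in failure_times:
        if model.record_failure(t):
            return (t, model.locked_until)
    return None


# Constructed sample: one failure every 30 s, so the 25th lands at t = 720 s.
fast = [i * 30 for i in range(40)]
# Constructed sample: one failure per minute, never 25 inside any 15 minutes.
slow = [i * 60 for i in range(40)]

if __name__ == "__main__":
    print(simulate(15, 25, fast))
    print(simulate(15, 25, slow))
```

With the thread's settings (15 and 25), the slow sequence shows the operational consequence: an attempt rate below the threshold-per-period never triggers the account lock, however long it runs.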
  3. ottdev

    ottdev Well-Known Member

    Thank you. So this statement in the docs is indeed INCORRECT: "Brute Force Protection Period (in minutes): The number of minutes for which cPHulk blocks all login attempts on a specific user's account"
     
  4. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    I've opened a case with our Documentation Team (DOC-10557) to have the description of this option updated. I'll update this thread once the change is published.

    Thank you.
     
  5. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

  6. ottdev

    ottdev Well-Known Member

    That is clear now. Thank you :)
    HOWEVER ...
    Further down the page you have the same incorrect? I suspect OLD verbiage for the other field.
    I assume they both work the same way?

    IP Address-based Brute Force Protection Period (in minutes)
    The number of minutes during which cPHulk blocks an attacker's IP address.
     
  7. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Hello @ottdev,

    I've opened internal case DOC-10624 for that particular part of the document. I'll update this thread again once the case is complete.

    Thank you.
     
  8. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Hello,

    The changes are now published.

    Thanks!
     