The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

CPHulk Question

Discussion in 'Security' started by Brett Wilson, Oct 13, 2012.

  1. Brett Wilson

    Brett Wilson Registered

    Oct 13, 2012
    Likes Received:
    Trophy Points:
    Wayne, New Jersey, United States
    cPanel Access Level:
    Root Administrator
    I have enabled CSF/LFD on my centos5 box (i own the whole server and have whm) and configured it to basically block all non-essential incoming ports to the general public. I have configured it to only allow access to all ports to my ip. The only port open to the public that is cpanel-related is the webmail. WHM and cpanel are blocked completely to the public ip space. SO, I am wondering why cphulk is still detecting attacks to 'system'. Can anyone clarify what exactly 'system' stands for? Is it the main whm/cpanel login page? I also get attacks to 'mail', although I'm not sure if that is the webmail login or the actual smtp and imap daemons. Can anyone clarify? Thanks.

Share This Page