Zardiw

Member
Sep 22, 2017
22
2
18
Palm Springs
cPanel Access Level
Root Administrator
Regarding the Detection Period and the Block Period.

Be nice if there was an explanation of the advantages of values in these fields. .....Also, they should be split into 2 fields. i.e. The detection period, and the block period.

And the ability to permanently add IP's blocked to the firewall....i.e. IPTables.

How does values in the detection period affect protection?....i.e. What is the practical difference between having a short vs long detection period?

Z
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
10,422
1,633
363
cPanel Access Level
Root Administrator
Hey there! Can you let me know what you mean by detection period? The only "detect" I see on the page is the very last option of "Send a notification when the system detects a brute force user" but I don't think that's what you're referring to.

As for the firewall block, this option is already present under the "IP address based protection" and "One day blocks" section:

"Block IP addresses at the firewall level if they trigger brute force protection"
"Block IP addresses at the firewall level if they trigger a one-day block"

Is that not what you were looking to happen or were you looking for something else related to the firewall?
 

Zardiw

Member
Sep 22, 2017
22
2
18
Palm Springs
cPanel Access Level
Root Administrator
Sorry.....I guess what I meant is the 'Brute Force Protection Period'.........no idea what that is.

Also the 'IP Address-Based Protection Period'.

And it doesn't give you the option for how LONG they are blocked.......at the Firewall level.

The one-day block is built in...........I'd like to be able to make it 6 MONTHS.......lol.....or PERMANENT.

Also this is only for attempted logins.............

What would be nice if it could be added to block based on 404 errors..........when guys try to hack pages that don't exist.....

Bottom Line: cPHulk could use an upgrade with more options.....and be more powerful.

If anybody wants to get depressed.........go look at your Errors Log.......it is INSANE how much attempted hacking goes on.....just NUTS.

If cPHulk could be made more automatic.....we could eliminate a lot of this.......

Also, what would be nice is if EVERYBODY could add to a Database of IP's that are hacking......to where cPHulk picks up the new ones daily.........that way we could eliminate a lot of these Aholes....

Z
 

Zardiw

Member
Sep 22, 2017
22
2
18
Palm Springs
cPanel Access Level
Root Administrator
Also I know it sends us an EMail when it blocks somebody..........with links to block at the /24 /16 levels.........would be nice if we had an option that automatically blocks at various levels ........... /16 /24, etc.
I usually block at the /8 level.......for instance
Here's 2 of MANY that I block at the .htaccess level on sites:
1.0.0.0/8 and 20.0.0.0/8 .........which blocks 1.0.0.0 to 1.255.255.255 and 20.0.0.0 to 20.255.255.255...

Using /16, you can block say 1.24.0.0/16 ..... which would block, 1.24.0.0 to 1.24.255.255 ....that way you block an entire range.

I actually block MOST of the world........it's infested with hackers.........

Z