The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

cphulk triggered forced lockout for root after tweaking settings

Discussion in 'Security' started by jasoncollege24, May 3, 2015.

  1. jasoncollege24

    Joined:
    Mar 25, 2012
    Messages:
    15
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Portsmouth, Virginia, United States
    cPanel Access Level:
    Root Administrator
    as the title suggests, cphulk brute force protection has triggered a forced 1 day lock out of the root account. The odd part is that this lockout was triggered by IP address 0.0.0.0 (which was noted as a default for redirects of SSL and non-SSL respective ports in settings tweaker)

    I cannot access the server in any fashion. SSH replies with access denied, and WHM says the login is invalid. The server is a dedicated server, and cpanel was just setup today. I'm confused why such settings would default to 0.0.0.0 instead of the server's IP address.

    Is there some way to get around this in order to restore access to the server, or do I need to completely reinstall the OS, and cpanel in order to regain my access?
     
  2. jasoncollege24

    Joined:
    Mar 25, 2012
    Messages:
    15
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Portsmouth, Virginia, United States
    cPanel Access Level:
    Root Administrator
    Ok the problem sorted itself out, and I was able to disable cphulk, but the question remains... under the "System" section of tweak settings, I noticed it says I can change it so that it's an IP with a port, or just a port for Apache non-SSL IP/port and SSL ports.

    Right now it is set to 0.0.0.0:80 and 0.0.0.0:443 respectively. Is there a change i need to make somewhere that will prevent these settings from triggering cphulk brute force protection? Can I just set these to 80 and 443 respectively, without any IP address?
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
  4. jasoncollege24

    Joined:
    Mar 25, 2012
    Messages:
    15
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Portsmouth, Virginia, United States
    cPanel Access Level:
    Root Administrator
    Oops! My apologies! I forgot to reply to this thread to close the issue. This issue resolved itself once the initial DNS propagation, Inicial cPanel account, and reverse DNS were completed. I don't know which of these (or combination there of) caused this to fix itself, but incoming traffic is no longer identified as 0.0.0.0 by cPHulk, which was the cause of the problem.

    Thank you for the reply though. :)
     
  5. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
Loading...

Share This Page