cPHulk whitelist/blacklist precedence

dcusimano

Member
Feb 24, 2008
16
5
53
Toronto, Ontario, Canada
cPHulk has IP "Whitelist Management", IP "Blacklist Management" and "Countries Management". What is the relative precedence of these lists? What if an IP is on more than one of these lists?

For example, if I whitelist an IP in a country (e.g.: Canada) and then blacklist the country Canada, would access from that IP be allowed? If Country has precedence, I don't see why I would whitelist an entire country.

I am in Canada (my server is in USA), so I currently blacklisted all countries except USA and Canada, and whitelisted portions of my ISP's IP ranges. I left USA and Canada as "not specified".
 

linux4me2

Well-Known Member
Aug 21, 2015
259
78
78
USA
cPanel Access Level
Root Administrator
My understanding based on other threads here and the documentation for cPHulk is that if you whitelist an IP, you will be allowed to log in using that IP even if the country that IP belongs to is blacklisted. I'm basing that on the recommendation in the documentation that you whitelist your own IP in order not to get locked out by cPHulk with other settings.

It seems like the order of precedence is whitelist -> blacklist -> country list.

I am in Canada (my server is in USA), so I currently blacklisted all countries except USA and Canada, and whitelisted portions of my ISP's IP ranges. I left USA and Canada as "not specified".
I believe that is correct for your situation.
 
  • Like
Reactions: dcusimano

24x7server

Well-Known Member
Apr 17, 2013
1,911
96
78
India
cPanel Access Level
Root Administrator
Twitter
Hi,

cPHulk has IP "Whitelist Management", IP "Blacklist Management" and "Countries Management". What is the relative precedence of these lists? What if an IP is on more than one of these lists?
The whitelist configuration is referred first and then the blacklist configuration. This hold true for almost all configuration in Linux..
 

dcusimano

Member
Feb 24, 2008
16
5
53
Toronto, Ontario, Canada
Okay, so a whitelisted IP/country has precedence over a blacklisted IP/country. Perhaps mention this precedence on the "cPHulk Brute Force Protection" webpage in WHM.

Also, on the Whitelist/Blacklist/Countries Management tabs, perhaps highlight any whitelist/blacklist overlaps (either fully or partially overlap). For example, a blacklisted IP (or IP range) that is within a whitelisted country would have no effect and would be highlighted.
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,295
1,255
313
Houston
Hi @dcusimano

I think that's great advice for improvement and I think it would be welcomed as a feature request. You can open one using the link in my signature. Once you do let us know so anyone viewing this thread can go to and vote for it.


Thanks!