Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

cPHulk whitelist/blacklist precedence

Discussion in 'Security' started by dcusimano, May 14, 2018.

  1. dcusimano

    dcusimano Member

    Joined:
    Feb 24, 2008
    Messages:
    16
    Likes Received:
    4
    Trophy Points:
    53
    Location:
    Toronto, Ontario, Canada
    cPHulk has IP "Whitelist Management", IP "Blacklist Management" and "Countries Management". What is the relative precedence of these lists? What if an IP is on more than one of these lists?

    For example, if I whitelist an IP in a country (e.g.: Canada) and then blacklist the country Canada, would access from that IP be allowed? If Country has precedence, I don't see why I would whitelist an entire country.

    I am in Canada (my server is in USA), so I currently blacklisted all countries except USA and Canada, and whitelisted portions of my ISP's IP ranges. I left USA and Canada as "not specified".
     
  2. linux4me2

    linux4me2 Well-Known Member

    Joined:
    Aug 21, 2015
    Messages:
    199
    Likes Received:
    46
    Trophy Points:
    28
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    My understanding based on other threads here and the documentation for cPHulk is that if you whitelist an IP, you will be allowed to log in using that IP even if the country that IP belongs to is blacklisted. I'm basing that on the recommendation in the documentation that you whitelist your own IP in order not to get locked out by cPHulk with other settings.

    It seems like the order of precedence is whitelist -> blacklist -> country list.

    I believe that is correct for your situation.
     
    dcusimano likes this.
  3. 24x7server

    24x7server Well-Known Member

    Joined:
    Apr 17, 2013
    Messages:
    1,813
    Likes Received:
    84
    Trophy Points:
    78
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hi,

    The whitelist configuration is referred first and then the blacklist configuration. This hold true for almost all configuration in Linux..
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. cPanelLauren

    cPanelLauren Forums Analyst
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    1,804
    Likes Received:
    133
    Trophy Points:
    118
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    The answers provided here by @linux4me2 and @24x7server are both correct. Please let us know if you have any other concerns about this @dcusimano :)


    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. dcusimano

    dcusimano Member

    Joined:
    Feb 24, 2008
    Messages:
    16
    Likes Received:
    4
    Trophy Points:
    53
    Location:
    Toronto, Ontario, Canada
    Okay, so a whitelisted IP/country has precedence over a blacklisted IP/country. Perhaps mention this precedence on the "cPHulk Brute Force Protection" webpage in WHM.

    Also, on the Whitelist/Blacklist/Countries Management tabs, perhaps highlight any whitelist/blacklist overlaps (either fully or partially overlap). For example, a blacklisted IP (or IP range) that is within a whitelisted country would have no effect and would be highlighted.
     
  6. cPanelLauren

    cPanelLauren Forums Analyst
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    1,804
    Likes Received:
    133
    Trophy Points:
    118
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi @dcusimano

    I think that's great advice for improvement and I think it would be welcomed as a feature request. You can open one using the link in my signature. Once you do let us know so anyone viewing this thread can go to and vote for it.


    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice