Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

CPhulk

Discussion in 'Security' started by captainron19, Apr 3, 2014.

  1. captainron19

    captainron19 Active Member

    Joined:
    Nov 10, 2011
    Messages:
    29
    Likes Received:
    0
    Trophy Points:
    51
    cPanel Access Level:
    Root Administrator
    So - still not completely WHM literate but yesterday a user with a domain on my VPS could not login - found out that cphulk blocked her IP after repeated failed login attempts.

    After getting it all fixed I looked into the cphulk a bit more and changed the settings to notify me of repeated failed login attempts.

    This morning when I got up and checked my mail I had about 50 emails fromt he server notifying me of repeated failed login attempts to different domains on my server including attempts into the root system

    I made sure I black listed all of the IP addresses that I did not recognize (most of them were from Russia, Saudia Arabia and Turkey)

    My questions is..... is this common????? or should I be worried about hackers targeting my server? Should I continue to blacklist every IP or should I just let cphulk block the failed attempts?

    Just wonderign what everyone else is doing.
     
  2. es2alna

    es2alna Well-Known Member

    Joined:
    Mar 30, 2014
    Messages:
    67
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Egypt
    cPanel Access Level:
    Root Administrator
    Hi,

    Yes, this is common and happens to most servers.

    My suggestion is to disable cPHulk and install CSF instead.

    Thanks,
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. captainron19

    captainron19 Active Member

    Joined:
    Nov 10, 2011
    Messages:
    29
    Likes Received:
    0
    Trophy Points:
    51
    cPanel Access Level:
    Root Administrator

    What is CSF?
     
  4. es2alna

    es2alna Well-Known Member

    Joined:
    Mar 30, 2014
    Messages:
    67
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Egypt
    cPanel Access Level:
    Root Administrator
  5. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    45,412
    Likes Received:
    1,956
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello :)

    This is a common occurrence, so it's best to combine cPHulk with a third-party firewall such as CSF that offers additional security measures to block brute force attacks.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. captainron19

    captainron19 Active Member

    Joined:
    Nov 10, 2011
    Messages:
    29
    Likes Received:
    0
    Trophy Points:
    51
    cPanel Access Level:
    Root Administrator
  7. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    45,412
    Likes Received:
    1,956
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    It's CIDR notation. It's to block all IP addresses in the specified range. You can search for CIDR notation on a search engine to get a more detailed explanation on what the numbers mean.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice