The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

cphulkd problem

Discussion in 'General Discussion' started by Samuraid, Feb 25, 2009.

  1. Samuraid

    Samuraid Member

    Joined:
    Apr 20, 2006
    Messages:
    13
    Likes Received:
    0
    Trophy Points:
    1
    Hello,

    I'm having a really bad issue with cphulkd on my up-to-date WHM VPS.

    I have cphulkd enabled, and I have all the static IPs from my office in the cphulkd whitelist (entered in CIDR notation).

    Problem happens when an attacker tries to brute force the 'root' user a bunch of times. When they hit the "Maximum Failures By Account" limit, it kills all my sessions and doesn't allow me to login again even though my IP address is on the whitelist.

    I essentially have to flush the cphulkd database over SSH and hope that the brute force attack doesn't hit the server enough to lock me out again (which has been happening a number of times this afternoon). I'm almost to the point where I'm going to manually modify Hulk.pm and stop this frustrating circumstance from occurring.

    Shouldn't anyone on the IP whitelist be allowed to login anytime regardless of what attackers are doing? Is there any way this can be fixed?

    Thanks in advance for any help and insight on this. I would greatly appreciate it. :)

    EDIT: Perhaps this is because CIDR notation might not be supported in the IP whitelist for cphulkd?
     
    #1 Samuraid, Feb 25, 2009
    Last edited: Feb 25, 2009
Loading...

Share This Page