The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

cphulkd spamming TTY

Discussion in 'Security' started by Kevin C, Jan 19, 2015.

  1. Kevin C

    Kevin C Member

    Joined:
    Apr 10, 2014
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    We appear to be undergoing a significant attack and have been for the last 48 hours. Because cphulkd is active, and because our office IP is not whitelisted (A terrible oversight), we have been locked out of root for 48 hours. We have tried using our KVM to get in but for some reason, cphulkd is spamming the login screen so we aren't able to log in as we're getting hit dozens of times per second and can't log in fast enough.

    So the two questions are:

    1. Any way to stop the console spamming that's happening without having a privileged user?
    2. How can we prevent the spamming from happening in the future once we have root back?
     
  2. Kevin C

    Kevin C Member

    Joined:
    Apr 10, 2014
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    As an update to this post, we just ended up null routing all of the server IPs so that we could log in via KVM to flush the cphulk blocks.
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    I am happy to see you were able to address the issue. Thank you for updating us with the outcome. Note that cPanel 11.48 includes some improvements to cPHulk (e.g. firewall blocking functionality) that you may find helpful.

    Thank you.
     
Loading...

Share This Page