The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

CSF + CPhulk, iptables missing chain

Discussion in 'Security' started by SactoBob, Aug 17, 2016.

Tags:
  1. SactoBob

    SactoBob Member

    Joined:
    Aug 15, 2015
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Sacramento
    cPanel Access Level:
    DataCenter Provider
    Hello,

    I recently installed a new cpanel from scratch. I started with CPHulk enabled as usual. On another server CPHulk chains show up in iptables:

    However, on the new server, when I installed CSF, the CPhulk chain is missing. I've toggled CPHulk off/on to be sure and no change. And according to CPHulk there are IPs in the block list, but they do not show in iptables.

    Did something not install correctly or do I need manually or rerun a script to put the CPHulk chains back?
     
  2. SactoBob

    SactoBob Member

    Joined:
    Aug 15, 2015
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Sacramento
    cPanel Access Level:
    DataCenter Provider
    Also this is a Centos 7 server. It seems the recommendation of CSF for C7 isn't sufficient? I saw this line:


    So are we saying now firewalld + CSF + CPHulk????
     
  3. SactoBob

    SactoBob Member

    Joined:
    Aug 15, 2015
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Sacramento
    cPanel Access Level:
    DataCenter Provider
    Hmm, well this answers this question..

     
  4. SactoBob

    SactoBob Member

    Joined:
    Aug 15, 2015
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Sacramento
    cPanel Access Level:
    DataCenter Provider
    Hello, me again. So I've removed csf and turned on firewalld per the cpanel/centos 7 recommendation quoted above. However, my issue still remains. There's no CPHulk chains and CPHulk is not working. I tested it by purposely get a login block. CPHulk reports the IP blocked, but the IP doesn't showup in iptables -L and I've still able to attempt repeated logins. I've stopped/started and did

    How do I get the CPHulk chains back?

    Thanks,
     
  5. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    654
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello,

    Do you have "Block IP addresses at the firewall level if they trigger brute force protection" enabled in "WHM Home » Security Center » cPHulk Brute Force Protection"?

    Thank you.
     
Loading...

Share This Page