CSF + CPhulk, iptables missing chain

SactoBob

Active Member
Aug 15, 2015
32
4
58
Sacramento
cPanel Access Level
DataCenter Provider
Hello,

I recently installed a new cpanel from scratch. I started with CPHulk enabled as usual. On another server CPHulk chains show up in iptables:

Chain INPUT (policy ACCEPT)
target prot opt source destination
acctboth all -- anywhere anywhere
cphulk all -- anywhere anywhere
cP-Firewall-1-INPUT all -- anywhere anywhere
However, on the new server, when I installed CSF, the CPhulk chain is missing. I've toggled CPHulk off/on to be sure and no change. And according to CPHulk there are IPs in the block list, but they do not show in iptables.

Did something not install correctly or do I need manually or rerun a script to put the CPHulk chains back?
 

SactoBob

Active Member
Aug 15, 2015
32
4
58
Sacramento
cPanel Access Level
DataCenter Provider
Also this is a Centos 7 server. It seems the recommendation of CSF for C7 isn't sufficient? I saw this line:

  • While you can use the iptables command for temporary firewall rules, we recommend that you only use the firewall utilities on CentOS 7, CloudLinux 7, and RHEL 7 servers.

So are we saying now firewalld + CSF + CPHulk????
 

SactoBob

Active Member
Aug 15, 2015
32
4
58
Sacramento
cPanel Access Level
DataCenter Provider
Hello, me again. So I've removed csf and turned on firewalld per the cpanel/centos 7 recommendation quoted above. However, my issue still remains. There's no CPHulk chains and CPHulk is not working. I tested it by purposely get a login block. CPHulk reports the IP blocked, but the IP doesn't showup in iptables -L and I've still able to attempt repeated logins. I've stopped/started and did

How do I get the CPHulk chains back?

Thanks,
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,904
2,218
463
However, on the new server, when I installed CSF, the CPhulk chain is missing. I've toggled CPHulk off/on to be sure and no change. And according to CPHulk there are IPs in the block list, but they do not show in iptables.
Hello,

Do you have "Block IP addresses at the firewall level if they trigger brute force protection" enabled in "WHM Home » Security Center » cPHulk Brute Force Protection"?

Thank you.