Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

CSF + CPhulk, iptables missing chain

Discussion in 'Security' started by SactoBob, Aug 17, 2016.

Tags:
  1. SactoBob

    SactoBob Active Member

    Joined:
    Aug 15, 2015
    Messages:
    27
    Likes Received:
    4
    Trophy Points:
    3
    Location:
    Sacramento
    cPanel Access Level:
    DataCenter Provider
    Hello,

    I recently installed a new cpanel from scratch. I started with CPHulk enabled as usual. On another server CPHulk chains show up in iptables:

    However, on the new server, when I installed CSF, the CPhulk chain is missing. I've toggled CPHulk off/on to be sure and no change. And according to CPHulk there are IPs in the block list, but they do not show in iptables.

    Did something not install correctly or do I need manually or rerun a script to put the CPHulk chains back?
     
  2. SactoBob

    SactoBob Active Member

    Joined:
    Aug 15, 2015
    Messages:
    27
    Likes Received:
    4
    Trophy Points:
    3
    Location:
    Sacramento
    cPanel Access Level:
    DataCenter Provider
    Also this is a Centos 7 server. It seems the recommendation of CSF for C7 isn't sufficient? I saw this line:


    So are we saying now firewalld + CSF + CPHulk????
     
  3. SactoBob

    SactoBob Active Member

    Joined:
    Aug 15, 2015
    Messages:
    27
    Likes Received:
    4
    Trophy Points:
    3
    Location:
    Sacramento
    cPanel Access Level:
    DataCenter Provider
    Hmm, well this answers this question..

     
  4. SactoBob

    SactoBob Active Member

    Joined:
    Aug 15, 2015
    Messages:
    27
    Likes Received:
    4
    Trophy Points:
    3
    Location:
    Sacramento
    cPanel Access Level:
    DataCenter Provider
    Hello, me again. So I've removed csf and turned on firewalld per the cpanel/centos 7 recommendation quoted above. However, my issue still remains. There's no CPHulk chains and CPHulk is not working. I tested it by purposely get a login block. CPHulk reports the IP blocked, but the IP doesn't showup in iptables -L and I've still able to attempt repeated logins. I've stopped/started and did

    How do I get the CPHulk chains back?

    Thanks,
     
  5. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,367
    Likes Received:
    1,855
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Do you have "Block IP addresses at the firewall level if they trigger brute force protection" enabled in "WHM Home » Security Center » cPHulk Brute Force Protection"?

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice