The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Do I need to install Config Firewall if WHM already have CPHulk Brute Force Protection ?

Discussion in 'Security' started by calvinphanctt, Nov 26, 2014.

  1. calvinphanctt

    calvinphanctt Active Member

    Joined:
    Mar 27, 2007
    Messages:
    44
    Likes Received:
    0
    Trophy Points:
    6
    Hello everyone,

    How are you doing? Do I need to install Config Firewall if WHM already have CPHulk Brute Force Protection ?

    Sincerely,
    Calvin
     
  2. 24x7ss

    24x7ss Well-Known Member

    Joined:
    Sep 30, 2014
    Messages:
    271
    Likes Received:
    16
    Trophy Points:
    18
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Twitter:
    Yes, csf firewall provide much security to your server. If you want to block any particular country then you can use csf firewall. Attacks like portflood, SYN, FYN attack csf firewall is useful.
     
  3. keat63

    keat63 Well-Known Member

    Joined:
    Nov 20, 2014
    Messages:
    765
    Likes Received:
    20
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    I also wondered the same thing.
    I'm pretty sure that I blocked all IP's (except a few) in CPHULK, but still managed to successfully log in to WHM, from an unknown IP. Although, i've done so much experimenting recently, i may be mistaken.

    I put this down to the fact that, it was first time single successful login, so wasn't categorised as a brute force attack.
    I assume a brute force attack would be multiple failed logins.

    I then configured Host access in WHM to only allow 2 IP's and my test IP fails even with a single login attempt.
     
  4. mageshm

    mageshm Well-Known Member

    Joined:
    Apr 17, 2014
    Messages:
    90
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Chennai, INDIA
    cPanel Access Level:
    DataCenter Provider
    @ keat63,

    Yes, exactly right. If you configured Host access to particular IP and you can't login to ssh using other IP's except allowed host IP's but CSF giving more features.

    Install and feel the security.

    If you are using cPanel/WHM 11.46, i advise you to check "cPanel Security Advisor" option because this also giving some protection to server.
     
  5. keat63

    keat63 Well-Known Member

    Joined:
    Nov 20, 2014
    Messages:
    765
    Likes Received:
    20
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    I've just installed CSF, but now this is something extra for me to try and figure out how it works.
    I'll leave this on the default settings until i get a chance to play.
     
  6. keat63

    keat63 Well-Known Member

    Joined:
    Nov 20, 2014
    Messages:
    765
    Likes Received:
    20
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Calvin.

    Installing CSF is really easy.
    Copy and paste the following in to your SSH terminal.

    rm -fv csf.tgz
    wget http://www.configserver.com/free/csf.tgz
    tar -xzf csf.tgz
    cd csf
    sh install.sh

    It will appear as a plugin at the bottom of WHM.
    CSF is quite indepth and complex though, so we will no doubt be back here for more assistance.
     
  7. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    Yes, it's a good idea to install a firewall management utility such as CSF. While cPHulk is helpful, it's not intended as a replacement for a firewall.

    Thank you.
     
Loading...

Share This Page