SOLVED How does blacklisting countries in cphulk work ?

I use both cPHulk and CSF/LFD and there are defiantly differences between the two applications as to where they think an IP comes from.

I know that CSF/LFD use MaxMind GeoLite2 databases, and I personally have set it to update every 14 days.

Now I see eg IPs that LFD thinks is on the UK, being flagged as being in Germany by cPHulk.

I did ask in another post on this forum if cPanel would disclose what geo-location database is being used by cPHulk, and how often it was updated ...... but I don't think it was ever answered.

Don't forget that cPHulk blacklisting (IP or Country) will only block attempts to log in to your server (any of the services) but it does not block the IP from connecting and trying.

 

Hi cPanelMichael

So if I am certain that I only login to the Server from US, so can I safely conclude that I can Blacklist all Countries except US?

If user were to travel overseas to say Austria and that Austria is currently being blacklisted in the Countries Management in cPHulk, can the user currently in Austria able to login with his/her credential into cPanel as well as access to his/her email?

Thanks.

 

It is not only you that would be limited to logins only from the US, but all your customers as well.

cPHulk blocks the following logins

• cPanel services (Port 2083).
• WHM services (Port 2087).
• Mail services (Dovecot and Exim).
• The PureFTPd service.
• Secure Shell (SSH) access.

If you have blocked all country access other than from the US, when your US customer travels to Austria, they would be blocked from logging into any of the services listed above.

Full details from cPHulk Brute Force Protection - Version 74 Documentation - cPanel Documentation

 

Hi rpvw.

Thank you for your detail explanation.

 

Is there a built in feature in WHM to completely block all access to sites hosted on the server from certain countries?

I have all countries blacklisted bar mine for CPHulk, which is great for the server login and services. But I'd like to also completely block visitors to my sites from a selection of countries.

What's the easiest way to do this?

Thanks

 

I don't know of one that is built into WHM.

You can achieve what you want using the CSF firewall - do a Google search for How to Block or Allow Specific Ports by Country in the CSF Firewall for further examples and instructions.

Do be careful about blocking countries that you might need to receive system and software updates from !!!