The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Large Number of Failed Login Attempts

Discussion in 'Security' started by nerod, Apr 19, 2012.

  1. nerod

    nerod Member

    Joined:
    Feb 4, 2011
    Messages:
    15
    Likes Received:
    0
    Trophy Points:
    1
    Is there yet an option to allow/disallow anyone to view the WHM login page, based on country?

    I know I can do this by IP. The problem with filtering access based on IP is my IP is not static, it changes. All of the access attempts are from outside of my country, so I can limit the hack attacks by filtering country.

    Is this possible, yet?
     
  2. theitjerk

    theitjerk Member

    Joined:
    Apr 19, 2012
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Los Angeles
    cPanel Access Level:
    Reseller Owner
    Why not just change the maximum allowable times each domain can attempt in a given period? or, you could change the .htaccess to block an entire range..

    Also, the fact that your IP is changing doesn't affect others. If you filter a countries ip-range, it's set and done. If your IP is changing, it shouldn't affect a thing.

    This help? If not, let me know, glad to help!
     
  3. PlotHost

    PlotHost Well-Known Member

    Joined:
    Apr 29, 2011
    Messages:
    253
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    US
    cPanel Access Level:
    Root Administrator
    Twitter:
    You can filter countries by using CSF firewall. Check the configuration file.

     
  4. NetMantis

    NetMantis BANNED

    Joined:
    Apr 22, 2012
    Messages:
    117
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    Utah
    cPanel Access Level:
    DataCenter Provider
    Yes, this is actually very simple to setup!

    The previous poster mentioned blocking countries using CSF but if you do that then all connections from those countries would be entirely blocked on all services though you could of course still use that method.

    What I generally do here is setup mod_geoip and the GeoIP C library from Maxmind and then setup web filters based on country code to only allow access from certain countries to ports 2082 through 2096.

    If you are the only one logging into WHM and your IP is fairly constant, you could do the inverse and just simply block every IP from accessing ports 2086 and 2087 except your IP or IP range only and then anyone else attempting to access WHM would never reach the login screen in the first place.

    There is a great many ways to go about doing what you asked but yes it is definitely possible.
     
Loading...

Share This Page