The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Links in Brute Force Attempt emails do not work due to IP lookup

Discussion in 'E-mail Discussions' started by Nerdiest.ca, Nov 1, 2012.

  1. Nerdiest.ca

    Nerdiest.ca Registered

    Joined:
    Sep 7, 2012
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    DataCenter Provider
    I've noticed that when I get these login attempt emails, the /24 and /16 whitelist and blacklist links do not work, as the bl.cgi and wl.cgi scripts expect an IP (or CIDR block), but the links contain the reverse-looked-up *hostname* for the IP which is attempting to brute force the server.

    Example with redacted with placeholder info:

    Code:
    10 failed login attempts to account root (system) -- Large number of attempts from this IP: 8-8-8-8-miami.txt.hfc.comcastbusiness.net
    
    Reverse DNS: 8-8-8-8-miami.txt.hfc.comcastbusiness.net
    
    Origin Country: United States (US)
    
    Please use the following links to add to the black list:
    
    Single Ip: https://my.cpanelserver.com:2087/cgi/bl.cgi?ip=8-8-8-8-miami.txt.hfc.comcastbusiness.net
           /24: https://my.cpanelserver.com:2087/cgi/bl.cgi?ip=8-8-8-8-miami.txt.hfc.0/24
           /16: https://my.cpanelserver.com:2087/cgi/bl.cgi?ip=8-8-8-8-miami.txt.0.0/16
    
    
    
    Please use the following links to add to the white list:
    
    Single Ip: https://my.cpanelserver.com:2087/cgi/wl.cgi?ip=8-8-8-8-miami.txt.hfc.comcastbusiness.net
           /24: https://my.cpanelserver.com:2087/cgi/wl.cgi?ip=8-8-8-8-miami.txt.hfc.0/24
           /16: https://my.cpanelserver.com:2087/cgi/wl.cgi?ip=8-8-8-8-miami.txt.0.0/16
    
    The bug is still present with the newest upgrade.

    Thanks!
     
  2. arunsv84

    arunsv84 Well-Known Member

    Joined:
    Oct 20, 2008
    Messages:
    373
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    127.0.0.1
    cPanel Access Level:
    Root Administrator
Loading...

Share This Page