No login to during brute force attack

P

planetcaravan

Member
Feb 6, 2014
8
0
1
cPanel Access Level
Root Administrator
Hi there,

I'm using: CentOS release 6.5 (Final) (64bit) with WHM 11.40.1 (build 11).

I've noticed (5 times in 2 days) that during brute force attack (shown on /var/log/messages) my WHM, cPanel and NEW SSH sessions say always "login incorrect".
Brute force detection active: 580 LOGIN DENIED -- TOO MANY FAILURES

After a couple of seconds when the brute force attacks stops, login via WHM and SSH is working fine again.
Is it normal?
 
cPanelMichael

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,880
2,261
463
Hello :)

It's normal for cPHulk to prevent authentication when a brute force attack is detected. The length of the lockout depends on the values you have configured for the following options in "WHM Home » Security Center » cPHulk Brute Force Protection":

IP Based Brute Force Protection Period in minutes
Brute Force Protection Period in minutes

Thank you.
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
A Multiple dovecot_login authenticator failed Security 2
Z .lastlogin Security 15
K Login URL exposes the server ip Security 5
tbutler Root Login with Public Key? Security 2
J lastlogin not updating properly Security 1
Similar threads
Multiple dovecot_login authenticator failed
.lastlogin
Login URL exposes the server ip
Root Login with Public Key?
lastlogin not updating properly
Top Bottom