The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

No login to during brute force attack

Discussion in 'Security' started by planetcaravan, Feb 7, 2014.

  1. planetcaravan

    planetcaravan Member

    Joined:
    Feb 6, 2014
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hi there,

    I'm using: CentOS release 6.5 (Final) (64bit) with WHM 11.40.1 (build 11).

    I've noticed (5 times in 2 days) that during brute force attack (shown on /var/log/messages) my WHM, cPanel and NEW SSH sessions say always "login incorrect".
    Brute force detection active: 580 LOGIN DENIED -- TOO MANY FAILURES

    After a couple of seconds when the brute force attacks stops, login via WHM and SSH is working fine again.
    Is it normal?
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    It's normal for cPHulk to prevent authentication when a brute force attack is detected. The length of the lockout depends on the values you have configured for the following options in "WHM Home » Security Center » cPHulk Brute Force Protection":

    IP Based Brute Force Protection Period in minutes
    Brute Force Protection Period in minutes


    Thank you.
     
  3. planetcaravan

    planetcaravan Member

    Joined:
    Feb 6, 2014
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    OH, well! I'm totally new on WHM and I was really worried about what happened.
    Thanks for your answer!
     
Loading...

Share This Page