No login to during brute force attack

planetcaravan

Member
Feb 6, 2014
8
0
1
cPanel Access Level
Root Administrator
Hi there,

I'm using: CentOS release 6.5 (Final) (64bit) with WHM 11.40.1 (build 11).

I've noticed (5 times in 2 days) that during brute force attack (shown on /var/log/messages) my WHM, cPanel and NEW SSH sessions say always "login incorrect".
Brute force detection active: 580 LOGIN DENIED -- TOO MANY FAILURES

After a couple of seconds when the brute force attacks stops, login via WHM and SSH is working fine again.
Is it normal?
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,201
363
Hello :)

It's normal for cPHulk to prevent authentication when a brute force attack is detected. The length of the lockout depends on the values you have configured for the following options in "WHM Home » Security Center » cPHulk Brute Force Protection":

IP Based Brute Force Protection Period in minutes
Brute Force Protection Period in minutes


Thank you.