Password limit in WHM!

bls24

Well-Known Member
May 12, 2007
78
0
156
I seemed to have manage to lock myself out today. Luckily, root login is done via key by myself & the data center.. so I am just waiting for them to reset it for me.

So I can avoid looking like an idiot in the future, what's the limit?? :) Can WHM give me a warning if I exceed it?

(I type my insanely hard to guess password into notepad & then I paste it into the WHM change box.)
 

darren.nolan

Well-Known Member
Oct 4, 2007
257
0
66
15 attempts in 15 minutes, bans for 5 minutes, time gets extended on each failed attempt there-after after ur first ban expires.

30 attempts all up incorrectly from your IP bans you for two weeks.

This is cPanel's cPHulk system though.

If you use the awesomely-awesome ConfigServer firewall - the default from memory is 10 attempts in 15 minutes locks you for 1 hour? I know I've changed the time down to 15 minutes though, as I thought 1 hour was a bit harse for someone using the incorrect username to access email (as people do).

Then future attempts get a nice big-ole banning.
 

bls24

Well-Known Member
May 12, 2007
78
0
156
I changed the password in WHM and didn't notice the cut-off of characters and thus cannot login anymore.. I don't know where cpanel cut my password off. In fear of indefinately being banned from even accessing SSH I am hesitant on trying to trim off character by character.

I wasn't banned by brute force or anything, I have it disabled (I use APF's instead)


After scouring google for hours I figured out how to do it myself:
in ssh, type:
passwd root

was able to change it right from there.

Still, I am curious of the WHM limit and if I can have it flash a warning next time I exceed it! I've only been using whm for about 2 years with different hosts and this is my first time encountering this avoidable mishap.
 
Last edited:

cPanelKenneth

cPanel Development
Staff member
Apr 7, 2006
4,607
79
458
cPanel Access Level
Root Administrator
I changed the password in WHM and didn't notice the cut-off of characters and thus cannot login anymore.. I don't know where cpanel cut my password off. In fear of indefinately being banned from even accessing SSH I am hesitant on trying to trim off character by character.

I wasn't banned by brute force or anything, I have it disabled (I use APF's instead)


After scouring google for hours I figured out how to do it myself:
in ssh, type:
passwd root

was able to change it right from there.

Still, I am curious of the WHM limit and if I can have it flash a warning next time I exceed it! I've only been using whm for about 2 years with different hosts and this is my first time encountering this avoidable mishap.
How long is your password?
 

bls24

Well-Known Member
May 12, 2007
78
0
156
The one that locked me out was about 20+ characters. I'm just guessing, I've erased it from notepad a day or two ago.