The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Please. take cPHulk completely out.

Discussion in 'Security' started by wired420, Dec 8, 2013.

  1. wired420

    wired420 Active Member

    Nov 17, 2005
    Likes Received:
    Trophy Points:
    The module is completely useless. If you have root logins turned off and someone tries to login to root too many times it locks the whole machine down. No accounts can login. This is ruining the entire cPanel experience at this point. I can literally lockup any cPanel server with a old T9 cell phone. Quite pathetic that a module that is almost useless is still causing the same problem it has for years now... Get a clue. You guys obviously have no idea about security.

    You still haven't upgraded to TLS 1.2. You claim this to be the Operating Systems problem. However some complete idiot (myself) made a guide that runs cPanel and the web server against TLS 1.2...... Operating systems problem or not. YOU make the software that is supposed to let the average Joe run a server. By putting that power in his hands that is YOUR responsibility to make it as safe as possible for them.

    Oh and your bruteforce detection (cPHulk) can be used to render a cPanel server completely unusable with a single connection every 14 minutes with default settings. Your techs have reports on this and apparently are too busy trying to make the WHM look pretty (Looks like puke really, who ever picked your colors must have been color blind).... Who cares what it looks like when one angry person can make it unusable without actually doing anything illegal.....
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Apr 11, 2011
    Likes Received:
    Trophy Points:
    cPanel Access Level:
    Root Administrator
    Hello :)

    Thank you for taking the time to share your concerns. I am sorry to hear of your bad experience with cPhulk brute force detection. I would like to point out that it's possible to disable cPHulk via:

    "WHM Home » Security Center » cPHulk Brute Force Protection"

    However, it seems like you are aware of that, and are rather wanting to see a change in how it operates. The best way to see a change in behavior of an existing feature is to open a feature request:

    Submit A Feature Request

    Note that some users disable cPHulk and utilize a third-party application (e.g. CSF/LFD) to handle brute force attacks. This may be an option for you to consider.

    You are welcome to contribute your opinion on the themes and designs for cPanel/WHM in our user experience forum:

    cPanel Forums - User Experience

    Thank you.

Share This Page