The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Question about cPHulk Brute Force Protection

Discussion in 'General Discussion' started by jimjim135, Feb 18, 2011.

  1. jimjim135

    jimjim135 Member

    Joined:
    Feb 18, 2011
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Wisconsin
    Hi, I'm a bit new to WHM. I've worked my way around most of it, and I know how to use pretty much anything in it. However, I was wondering about cPHulk Brute Force Protection. Recently, there have been multiple failed logins to my server from texas, to russia, to south portugal. Most from other hosting companies. I'm just wondering if this is regular behavior I need to expect, or what, Because it's my personal server used to run a couple sites and voice servers off of. Any input would be appreciated. Thanks :)
     
  2. cPanelJared

    cPanelJared Technical Analyst
    Staff Member

    Joined:
    Feb 25, 2010
    Messages:
    1,842
    Likes Received:
    18
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    This is very common. Most brute-force log-in attempts are made by servers that have themselves been compromised and incorporated into a "botnet." Each server in the botnet will make brute-force attempts against all IP addresses within ranges set by the botnet's "owner", trying to find a server with a weak password that can be compromised and then incorporated into the botnet.

    The best defense against this is to use complex passwords, and cPHulkd can help even more by limiting the number of tries an attacker can make to guess a user's password before your server starts ignoring it.
     
  3. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,482
    Likes Received:
    203
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Pretty much. Welcome to the party. :p

    BFP is only one piece of the puzzle, there's much more security needed to keep you safe.

    Be sure to add your IP to the BFP whitelist so you don't lock yourself out. If you work from multiple locations (office/home) add that other IP as well.

    Expect it and prepare for it. It will never end.
     
Loading...

Share This Page