Question on cphulkd doc

ca2236

Well-Known Member
Feb 2, 2018
229
22
18
Nebraska
cPanel Access Level
DataCenter Provider
Hi,

I have a question on a section from the below link (section in question is below the link). I want to make sure I understand this correctly. If you have apply protection to local addresses only enabled, does this mean, it won't protect from attacks from anywhere other than your local server's IP address? So in theory, someone could just attack your server all day long (example, brute force on pureftp)? Am I thinking correctly, that you want to enable for both local and remote? Likewise, if you have only local addresses enabled, but also have the IP based protection. Does it become moot to which is selected?

cPHulk Brute Force Protection - Version 78 Documentation - cPanel Documentation

Apply protection...

Select one of the following options to control how cPHulk applies its protection:

  • Apply protection to local addresses only — Limit username-based protection to trigger only on requests that originate from the local system. This ensures that a user cannot brute force other accounts on the same server.
  • Apply protection to local and remote addresses — Allow username-based protection to trigger for all requests, regardless of their origin.
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,295
1,273
313
Houston
That's exactly what it means, only for requests that originate from the local system if you want protection from both external and internal sources, yes you would select Apply protection to local and remote addresses