Within the past two or three weeks, we have noticed a major increase in the number of our users being blocked by cPHulk for failed login attempts across many of our cPanel servers. Looking at the cphulkd log files, we see that the IP address that the failed login attempts are coming from are indeed the IP addresses that the users in question are actually connecting from.
Now, if it were just one person here or there that this is happening to, I would not think anything about it. But the number of users we are having locked out is very abnormal. For example, I don't know I have had more than one or two end users in the past year locked out by cPHulk, but now we are having several users per day complaining.
Is anyone else experiencing this?
Now, if it were just one person here or there that this is happening to, I would not think anything about it. But the number of users we are having locked out is very abnormal. For example, I don't know I have had more than one or two end users in the past year locked out by cPHulk, but now we are having several users per day complaining.
Is anyone else experiencing this?