The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Repeated brute force attempts

Discussion in 'Security' started by Kausik, Aug 20, 2015.

  1. Kausik

    Kausik Member

    Joined:
    Aug 1, 2015
    Messages:
    13
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    Hi, my website has been a target of multiple brute force attempts for some reason. I always get an email to add the appropriate entry to the blacklist or whitelist. Does anyone know why this might be? Also, is there any way I can automatically have an IP address from multiple brute force attempts added to the blacklist? Thanks!
     
  2. swatkatsdevilz

    Joined:
    Jun 4, 2015
    Messages:
    18
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    India
    cPanel Access Level:
    Root Administrator
    I get over 100 daily Email for brute force attempt on my servers, Earlier i was also concerned on this but now it's a usual thing to happen. What you need to do is Enable CPHULK brute force protection and configure setting a little.

    See these images for a sample configuration, you no need to keep these same like mine.

    i.imgur.com/XsgNbCd.jpg
    i.imgur.com/kPHrHXg.jpg

    Also install CSF firewall
     
    #2 swatkatsdevilz, Aug 20, 2015
    Last edited by a moderator: Aug 20, 2015
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,833
    Likes Received:
    672
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    You can enable "Block IP addresses at the firewall level if they trigger brute force protection" via "WHM Home >> Security Center >> cPHulk Brute Force Protection" if you want to also block IP addresses in your firewall when they reach the maximum failure limit. In addition, a firewall management utility such as CSF may help to prevent these types of attacks.

    Thank you.
     
Loading...

Share This Page