The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Resellers clearing cpHulk blocks?

Discussion in 'Security' started by pthirose, Oct 10, 2011.

  1. pthirose

    pthirose Member

    Mar 30, 2010
    Likes Received:
    Trophy Points:
    We use cpHulkd to help prevent against brute-force attacks. But once an IP is blocked (whether for the short 5min duration or a longer 2week duration), I (as root) have to go in and clear it, if the clearing needs to be done "now" (as it usually is.)

    Is there a way to allow Resellers to clear a cpHulkd lockout?

    It appears as if pam_hulk is (vaguely) similar to pam_tally(2) in that it keeps track of failed logns and then depending on that failed count, just returns a "password incorrect" pam-result to the overall pam mechanism during login.

    Thank you,
    I do this in conjunction w/some manual additions using -m recent module in iptables on RHEL. I haven't fully evaluated the rather popular CSF 3rd-party add-on mentioned here a lot yet, but I figure CSF does something similar as well.

Share This Page