Someone or virus spam WHM login root and script disable us

natong

Well-Known Member
May 17, 2008
89
1
58
5 failed login attempts to account root (system) -- Large number of attempts from this IP:


How to prevent spammer ? Because the cPHulk Brute Force Protection automatic disable account root and we can't login root too.
 
Last edited:

crazyaboutlinux

Well-Known Member
Nov 3, 2007
939
1
66
for security its recommended to keep enabled this protection.
Quote:
Yes, you are having this problem since the brute force protection is enabled in your server. You can disbale this following those steps: WHM >> Security >> Security Center >> cPHulk Brute Force Protection.

just enter your IP address as Trusted Hosts List in brute force protection & you won't be blocked again.

i also have the same problem before 6th months & i did this after then i never blocked again by brute force
 

txmom

Member
Apr 29, 2009
5
0
51
This is also in the Security Center:

Host Access Control (block IP access)

Host Access Control allows you to allow or deny access to your server or specific services based on the IP address of the incoming request.
 

cPanelDavidG

Technical Product Specialist
Nov 29, 2006
11,212
13
313
Houston, TX
cPanel Access Level
Root Administrator
If you are comfortable with the command line, you may also wish to consider moving SSH off its standard port to reduce the brute forcing performed against your root account. Some system administrators also require logging in as a wheel user first before being able to login as root for added security. That would need to be setup via the command line.
 

natong

Well-Known Member
May 17, 2008
89
1
58
I am lucky. I use SSH with private key and I can login root.

then I clear database by

Code:
echo "delete from brutes; delete from logins;" | mysql cphulkd