Temporary "permission denied" error using root password

andresmoritan

Registered
Dec 8, 2014
2
0
1
cPanel Access Level
Root Administrator
Hello there,

I'm having the following problem with two of my cPanel/WHM installation on different VPS providers.


Sometimes when I'm trying to access to the WHM o the SSH using my root password I get the "Permission denied, please try again." error... The first time I get this error I asked the VPS provider to reset the password because I thought I was committing an error but when this keep happening again and again and I realized that a few hours later I was able to access successfully using the usual root password I stop calling them.


Does anyone have a solution for this problem?


Thank you in advance.
Andrés M.

P.S.: I'm posting this question here because the only thing that this two VPS servers have in common is that they both use cPanel/WHM as control panel.
 

keat63

Well-Known Member
Nov 20, 2014
1,899
253
113
cPanel Access Level
Root Administrator
I had the same issue.
Personally, I think that i may have been under a brute force attack.
When you are connected, search for CPHULK and add your IP address to the white list.
If you have a dynamic IP, then you might have to add a range of IP's

I've also added every subnet that I don't want connected via the blacklist.

Goes along the lines
1.0.0.0/8
2.0.0.0/8
3.0.0.0/8

takes about 30 seconds to create in a spreadsheet.

Also if like me, you are new to this, then one of the first things you should do is install CSF
It's a highly configurable firewall.
 
Last edited:

andresmoritan

Registered
Dec 8, 2014
2
0
1
cPanel Access Level
Root Administrator
Hello redblue keat63,

Thank you very much for your replies.


I already added my IP to the white-list and also added some subnet that I don't want connected via the blacklist. I let you know how it goes from here.


Best regards,
Andres M.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,910
2,215
363
Hello :)

Yes, I agree that it's likely happening because of cPHulk brute force detection. Let us know if the issue persists after adding your IP address to the white list.

Thank you.