Understanding cPHulk configuration settings

F

FM Kappungal

Member
Feb 24, 2019
19
3
3
Saudi Arabia
cPanel Access Level
Root Administrator
Under the basic configuration settings of cPHulk, I see the following:

  • [*]Apply protection to local addresses only — Limit username-based protection to trigger only on requests that originate from the local system. This ensures that a user cannot brute force other accounts on the same server.
    [*]Apply protection to local and remote addresses — Allow username-based protection to trigger for all requests, regardless of their origin.
    Click to expand...

I just can't seem to understand what exactly this setting means even after reading it multiple times. Can someone explain it to me in simple plain terms with some example.

Thanks a lot.
 
cPanelMichael

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,880
2,261
463
Hello @FM Kappungal,

  • Apply protection to local addresses only — Limit username-based protection to trigger only on requests that originate from the local system. This ensures that a user cannot brute force other accounts on the same server.
  • Apply protection to local and remote addresses — Allow username-based protection to trigger for all requests, regardless of their origin.
Click to expand...
Username-based protection tracks login attempts for user accounts. If you choose Apply protection to local addresses only, then cPHulk will only count login attempts originating from the local server (e.g. localhost, 127.0.0.1). For instance, let's say a cPanel user creates a PHP script like the one on this document and attempts to authenticate as another user to cPanel or WHM. If Apply protection to local addresses only is enabled, cPHulk will track and block these login attempts. If you choose Apply protection to local and remote addresses, then cPHulk will track and block both local login attempts and login attempts from remote IP addresses.

Thank you.
 
  • Like
Reactions: FM Kappungal
cPanelMichael

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,880
2,261
463
FM Kappungal said:
I want to block users who try to log in with the wrong password to their email either using webmail from the browser or using POP/IMAP thru a mail client like Outlook.

Will this setting help with such a scenario?
Click to expand...
You'd choose Apply protection to local and remote addresses.

Thank you.
 
  • Like
Reactions: FM Kappungal
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
W Understanding Content-Security-Policy Security 5
P Understanding abusive access attempts in logs Security 3
durangod Having trouble understanding ssh key docs Security 5
G Understanding Access Logs Security 1
G Understanding Mod_Security Security 4
Similar threads
Understanding Content-Security-Policy
Understanding abusive access attempts in logs
Having trouble understanding ssh key docs
Understanding Access Logs
Understanding Mod_Security
Top Bottom