Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

User "root" locked out after failed login attempts

Discussion in 'General Discussion' started by trbrack, Jun 3, 2014.

  1. trbrack

    trbrack Registered

    Jun 3, 2014
    Likes Received:
    Trophy Points:
    cPanel Access Level:
    Root Administrator
    I get lots of email stating:

    Large Number of Failed Login Attempts from IP XX.XXX.XXX.XXX

    The email then provides a link to blacklist these IP's

    Please use the following links to add to the black list:

    Single IP: /
    /24: /
    /16: /

    I click on the link to blacklist the ips but user "root" has been blocked so I cannot even login to block these ips.

    My ip is also whitelisted.

    Any advice?
  2. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Apr 11, 2011
    Likes Received:
    Trophy Points:
    cPanel Access Level:
    Root Administrator
    Hello :)

    If the lockout continues and you can not access SSH, then you may need to obtain console access and disable cPhulk with commands such as:

    for i in `ps aux | grep -i "cphulkd - process" | awk {'print $2'}` ;do kill -9 $i ;done
    /usr/local/cpanel/bin/cphulk_pam_ctl --disable
    Note that some users disable cPHulk and utilize a third-party application (e.g. CSF/LFD) to handle brute force attacks. This may be an option for you to consider.

    Thank you.
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice