Whitelisting Countries in cPHulk?

[tomdchi]

What does setting a country as whitelisted or not specified do exactly?

My assumption is that whitelisting a country exempts that country from cPhulk rules. Is that correct?

 

[linux4me2]

According to the docs, "The whitelist specifies the IP addresses that cPHulk always allows to log in to your server." The blacklist specifies the IP addresses that cPHulk never allows to log in to your server. If a country is "not specified," it's neither whitelisted nor blacklisted, so the IP would be handled by cPHulk without regard to the country of origin.

 

[cPanelLauren]

Hi @tomdchi

The explanation provided by @linux4me2 is correct as is your assumption. The documentation on cPhulkd can be found here: cPHulk Brute Force Protection - Version 70 Documentation - cPanel Documentation in the event you'd like to read through it as well.

Thanks!

 

[EneTar]

I'm sorry but I'm having trouble understanding the documentation at this point: "The whitelist specifies the IP addresses that cPHulk always allows to log in to your server." What does "log in to your server" mean exactly?

According to the docs cphulk protects

cPanel services (Port 2083).
WHM services (Port 2087).
Mail services (Dovecot and Exim).
The PureFTPd service.
Secure Shell (SSH) access.

So countries blacklisting/whitelisting affects all those?

I'm not sure but I suppose that yes it does affect all of those. However I think that it would be a great feature to choose what to block. For example on large systems webmail users could be anywhere in the world really. However all other services could be restricted to one country in most cases.

 

[cPanelLauren]

What does "log in to your server" mean exactly?

It would mean anyone trying to gain access to the services listed:

cPanel services (Port 2083).
WHM services (Port 2087).
Mail services (Dovecot and Exim).
The PureFTPd service.
Secure Shell (SSH) access.

So countries blacklisting/whitelisting affects all those?

Exactly

However I think that it would be a great feature to choose what to block. For example on large systems webmail users could be anywhere in the world really. However all other services could be restricted to one country in most cases.

This is a pretty new feature and I think we would love to hear about improvement to it. I would encourage you to open a feature request using the link in my signature to address that!

 

[EneTar]

Thank you I opened a feature request (Currently under review) here More control at cPHulk Countries Management Configuration

 

[cPanelLauren]

That's great, I went ahead and voted for it as well. Thanks for opening it!

 

[linux4me2]

Thank you I opened a feature request (Currently under review) here More control at cPHulk Countries Management Configuration

Excellent idea! I voted for it as well.

 

[Mise]

I refloat the thread to get one clarification missed in the documentation:

When one country is whitelisted, It would mean the IPs from that country are bypassing the attempts rules?.
Do they can endless attempts to login?

 

[cPRex]

@Mise - that is correct

 

[Mise]

thanks!