Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

WHM Login always incorrect password need to reboot vps to be able to login

Discussion in 'General Discussion' started by ermiebb, Feb 5, 2015.

  1. ermiebb

    ermiebb Member

    Joined:
    Feb 5, 2015
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Website Owner
    Hi,

    I always have this problem and it is very annoying

    For example:

    I haven't login in my WHM for a day or two or even for a couple of hours
    when i try to login to my WHM it says Incorrect password even if i dont change my pass
    then i am going to reset my root password in my vps panel then it will allow me to login in my whm successfully with my new password. then after that if i go idle for an hour or two when i refresh my browser or i try to relogin to WHM it says i again invalid password i need again to reset my password in my vps panel and reboot server again to be able to login to my whm...

    Whats causing this problem and how to resolve this?


    Thank you very much
     
    #1 ermiebb, Feb 5, 2015
  2. keat63

    keat63 Well-Known Member

    Joined:
    Nov 20, 2014
    Messages:
    960
    Likes Received:
    36
    Trophy Points:
    28
    cPanel Access Level:
    Root Administrator
    In my experience you are probably being locked out, due to brute force login attempts from unknowns. Potential hackers.
    Find cphulk and add your ip or range of ip's (if dynamic) to the white list for a start.
    Range of ip's will go along the lines xxx.xxx.0.0/16.

    Consider using host access control.
    Allow access to all for your ip (or range of ip's), this one goes along the lines xxx.xxx.0.0/255.255.0.0

    All - IP or Range - Allow

    And deny all to everyone else until you have it secured at least

    All - All - DENY

    Then as a matter of immediate importance, install CSF (firewall).
    When CSF is installed, choose a pre-configured profile as a starting point (i chose high).
    And remember to take csf out of test mode.

    It's not difficult but can be quite daunting when your'e first starting out.

    When you've done all this, come back as the guys on here are really helpful.
     
    #2 keat63, Feb 5, 2015
    Last edited: Feb 5, 2015
  3. ermiebb

    ermiebb Member

    Joined:
    Feb 5, 2015
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Website Owner
    Hi

    thanks for the reply,
    where do i find cphulk?

    currently searching it right now in whm...


    thanks!
     
    #3 ermiebb, Feb 6, 2015
  4. dalem

    dalem Well-Known Member
    PartnerNOC

    Joined:
    Oct 24, 2003
    Messages:
    2,664
    Likes Received:
    68
    Trophy Points:
    203
    Location:
    SLC
    cPanel Access Level:
    DataCenter Provider
    Home »
    Security Center »
    cPHulk Brute Force Protection
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #4 dalem, Feb 6, 2015
  5. ermiebb

    ermiebb Member

    Joined:
    Feb 5, 2015
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Website Owner
    thanks found it..

    holy mother of god i saw in the cphulk failed login logs a lots of failed login with different ip i think theres a thousands of failed logins different ip on the list in cphulk..

    how do i install csf? via whm?
     
    #5 ermiebb, Feb 6, 2015
  6. ermiebb

    ermiebb Member

    Joined:
    Feb 5, 2015
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Website Owner
    after i install csf do i still need the cphulk? do i disabl the cphulk or not?
     
    #6 ermiebb, Feb 6, 2015
  7. keat63

    keat63 Well-Known Member

    Joined:
    Nov 20, 2014
    Messages:
    960
    Likes Received:
    36
    Trophy Points:
    28
    cPanel Access Level:
    Root Administrator
    Install csf from a root login.
    http://download.configserver.com/csf/install.txt

    Leave CPHulk in tact, just add your IP or range, and any others that you trust, ie your VPS provider.

    Also under security center, add your entries in Host Access Control, like thus.
    Allow access to all for your ip (or range of ip's), IP entries should look like this for a range 111.222.0.0/255.255.0.0

    All - 111.222.0.0/255.255.0.0 - Allow
    Also add your VPS provider and anyone else you trust, eg your work ip, your home ip.

    And deny all to everyone else until you have it secured at least

    All - All - DENY

    The Deny rule should always be the last entry apparently, so if you add any more entries, make sure the denies are at the bottom of the list.

    - - - Updated - - -

    One other thing, finding your way around WHM and it's many features can be tricky at first, knowing for example where CPHULK is.
    Using the search box (top left), will help find these things.
     
    #7 keat63, Feb 6, 2015
    Last edited: Feb 6, 2015
  8. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,160
    Likes Received:
    370
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Linking to the proper documentation is always a better way to go:
    Host Access Control - cPanel Documentation

    The concern should be that for a new user, the actual documentation is going to be more accurate, complete, and safe to implement.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #8 Infopro, Feb 6, 2015
  9. ermiebb

    ermiebb Member

    Joined:
    Feb 5, 2015
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Website Owner
    thank you guys
    problem solved.
     
    #9 ermiebb, Feb 6, 2015
  10. keat63

    keat63 Well-Known Member

    Joined:
    Nov 20, 2014
    Messages:
    960
    Likes Received:
    36
    Trophy Points:
    28
    cPanel Access Level:
    Root Administrator
    Now might be a good idea to run a quick security scan, and see what you can or dare tighten up.
    If you installed CSF, you might want to consider a CSF security scan also.

    CSF also gives very easy access to the logs, you'll be shocked as to how many devious goings on there are behind your back
     
    #10 keat63, Feb 6, 2015
(You must log in or sign up to post here.)
Loading...
Similar Threads - Login always incorrect
  1. Zurrie

    WHM login always download command.gz

    Zurrie, Nov 13, 2016, in forum: General Discussion
    Replies:
    4
    Views:
    728
    cPanelMichael
    Nov 15, 2016
  2. joshuapinedamexico

    New Thread IP has changed login issue

    joshuapinedamexico, Jun 16, 2018 at 8:13 PM, in forum: Security
    Replies:
    0
    Views:
    42
    joshuapinedamexico
    Jun 16, 2018 at 8:13 PM
  3. Havri

    cPanel account receiving login notifications

    Havri, Jun 15, 2018 at 5:18 AM, in forum: General Discussion
    Replies:
    4
    Views:
    68
    Havri
    Jun 16, 2018 at 2:40 AM
  4. mehdix92

    Mod_Security blocking WordPress logins

    mehdix92, Jun 13, 2018 at 6:56 PM, in forum: Security
    Replies:
    3
    Views:
    86
    cPanelMichael
    Jun 14, 2018 at 10:10 AM
  5. abhishekkuamr

    Auto login to 3rd party software from custom cPanel plugin?

    abhishekkuamr, Jun 8, 2018, in forum: cPanel Developers
    Replies:
    5
    Views:
    103
    cPanelMichael
    Jun 12, 2018 at 1:35 PM

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice