Security

Protecting with WHM cPHulk Brute Force

Updated: 10 October 2024

Introduction

WHM cPHulk Brute Force Protection is a security feature provided by cPanel and Web Host Manager (WHM) that protects your server against brute force attacks. It does this by blocking IP addresses that have too many failed login attempts within a certain period.

Accessing cPHulk in WHM

To access the cPHulk Brute Force Protection interface in WHM, follow the steps below:

  1. Log into your WHM account.
  2. From the left side panel, scroll down to the Security Center.
  3. Click on the cPHulk Brute Force Protection link. Here, you can access all the settings and configurations related to cPHulk.

Configuring cPHulk

Let's learn how to configure the cPHulk Brute Force Protection.

Basic Configuration

You can set up the basic configurations as follows:

  1. Check the box next to Enable cPHulk to turn on the service.
  2. Set the number of Failed Login Attempts to lock the IP address.
  3. Define the Brute Force Protection Period in minutes.
  4. Set the IP Address-Based Brute Force Protection Period in minutes.
  5. Click on the Save button to apply your settings.

Advanced Configuration

For advance settings, perform the following steps:

  1. Go to the Advanced Configuration tab.
  2. Set the Maximum Failures By Account before the system locks the account.
  3. Define the Maximum Failures Per IP before the system locks the IP address.
  4. Set the Maximum Failures Per IP before IP is blocked for two week to further secure your server.
  5. Click on the Save button to apply your settings.

Remember

Always be cautious when changing these settings. Misconfiguration could accidentally block legitimate users or leave your server open to attacks.

Managing Blocked IP Addresses

cPHulk allows you to manage blocked IP addresses. You can whitelist or blacklist IP addresses based on your needs.

  1. Go to the IP Address Lists tab in the cPHulk interface.
  2. Enter the IP addresses to the Whitelist Management or Blacklist Management section as needed.
  3. Click on the Save button to apply your changes.

Be Careful

Be careful when adding IP addresses to the blacklist. Adding a valid user's IP address to the blacklist will block them from accessing the server.

Conclusion

WHM's cPHulk Brute Force Protection is a powerful tool that can protect your server from brute force attacks. By properly configuring and managing this service, you can significantly increase the security of your server. Remember to always be careful when changing these settings to prevent accidentally blocking legitimate users or leaving your server open to attacks.


External links

cPHulk Brute Force Protection - WHM Documentation