cPHulk Brute Force Protection
cPHulk Brute Force Protection prevents malicious forces from trying to access your server’s services by guessing the login password for that service. While browsing the whm many time local machine ip blocked in the cphulkd database and we are not able to browse the WHM, to unlock the WHM access refer to the following steps to whitelist the ip from the cphulkd blacklist database.
BackEnd or Terminal
Login in the shell as a root user and run the commands.
# mysql
>USE cphulkd
>SHOW tables;
>BACKUP TABLE brutes TO ‘/root/cphulk.log’;
>SELECT * FROM brutes WHERE IP=’[IP Address]‘;
>DELETE FROM brutes WHERE IP=’IP Address’;
>quit;
Replace “IP Address” as per your local machine ip address to resolve the issue.
============================================================
To delete all the brute force entries of blocked IPs,
mysql> delete from brutes;
mysql> delete from logins;
============================================================
FrontEnd
Login to WHM, then
Main >> Security Center >> cPHulk Brute Force Protection
Select tab
- White/Black List Management
There is an option to enable/disable cPHulk protection.
Note:- To disable cPHulk through backend. ie, via terminal
# /usr/local/cpanel/bin/cphulk_pam_ctl --disable
If the shell access is disabled then refer to the following syntax to disable the cphuld.
https://server-ip-address:2087/scripts2/doautofixer?autofix=disable_cphulkd
