Question
Can I block a certain country's IP range from logging into my server?
Answer
Yes, it is possible to block a countries IP range from logging into your server. This is handled by the built-in WHM function, cPhulk.
cPhulk monitors the following web servers and services:
-
cPanel services (Port 2083).
-
WHM services (Port 2087).
-
Mail services (Dovecot® and Exim).
-
The PureFTPd service.
-
Secure Shell (SSH) access.
To manage the list of countries that can log into these services, you can go to WHM's "Home / Security Center / cPHulk Brute Force Protection" and then click on the tab for "Countries Management."
To add a country’s range of IP addresses to the whitelist or blacklist, select Whitelisted or Blacklisted for the country that you wish to modify. To specify the Whitelisted, Blacklisted, or Not Specified option for multiple countries. For more information on this, you can observe our documentation here:
cPanel Documentation | cPHulk Brute Force Protection
Please note, this does not prevent connections from being made from blacklisted countries. Visitors from blacklisted countries can still access websites and data on the server. They may also be able to view the login page; their logins would just always be unsuccessful to any of the services listed above.