Introduction
Please keep in mind that Login Failure Deamon (LFD) by ConfigServer Firewall is third-party software that is not provided by cPanel.
While we can help point you in the right direction, for direct support with CSF, you can receive support via the following links:
ConfigServer Technical Support
Procedure
You may find that a user's directory is being disabled automatically. In this case, the directory is set to 000 permissions with the +i (immutable) attribute.
How to determine if a file or directory has the immutable attribute set
The LFD log file at /var/log/lfd.log will retain logs with information like this:
Sep 14 12:00:32 hostname lfd[28624]: '/home/username/public_html/wp-admin' has been disabled
You can typically check for this with the following command:
grep disabled -i /var/log/lfd.log
If LFD is disabling the data it is recommended to review the lfd.log further with a system administrator to determine why and address the issue.
If you are in need of a system administrator please see the following link:
System Administration Services
See how to remove the immutable attribute:
How to make a file or directory no longer immutable (+i)
Please keep in mind that if the issue is not resolved, the CSF/LFD software may disable it again.