Skip to main content

cPHulk Brute Force Protection

Comments

3 comments

  • cPRex Jurassic Moderator
    Hey there! It definitely seems odd that an email client connecting would trigger that block. The best thing to do would be to add your local IP address to the server's whitelist in WHM >> cPHulk Brute Force Detection, as that would keep you from being blocked anywhere in the future. If your home IP address doesn't change frequently, it's a good idea to have that whitelisted anyway in case you're doing testing with an account to avoid false positives as you manage users.
    0
  • lewdigital
    Hey there! It definitely seems odd that an email client connecting would trigger that block. The best thing to do would be to add your local IP address to the server's whitelist in WHM >> cPHulk Brute Force Detection, as that would keep you from being blocked anywhere in the future. If your home IP address doesn't change frequently, it's a good idea to have that whitelisted anyway in case you're doing testing with an account to avoid false positives as you manage users.

    Thank you for your reply, this is what i am doing everytime i loging from mobile with 4g and i add the home ip to the whitelist . But it is weird that this is happening. I believe that often i get a message from google also that my ip is with suspicious traffic but for sure it is not something on my computer except the public ip that i get from my isp is often blocked on some RBL lists . I dont know if anyone else experiencing the same with Cosmote . Is there any way to find out what triggers the 1 day ban to that ip ? Probably if i will remove the 1 day block i will not getting banned but what's the point then to use CPHULK. And as you can see in attached files, i dont have any other rule is secured like not secured.
    0
  • cPRex Jurassic Moderator
    Since the issue happens when you check the mail from Outlook, you may want to check the /var/log/maillog file on the system as that will show authentications to the mailserver. That log may show odd authentication issues from the client if that is what is triggering this.
    0

Please sign in to leave a comment.