No login to during brute force attack

planetcaravan

• February 07, 2014 14:36

Hi there, I'm using: CentOS release 6.5 (Final) (64bit) with WHM 11.40.1 (build 11). I've noticed (5 times in 2 days) that during brute force attack (shown on /var/log/messages) my WHM, cPanel and NEW SSH sessions say always "login incorrect". Brute force detection active: 580 LOGIN DENIED -- TOO MANY FAILURES After a couple of seconds when the brute force attacks stops, login via WHM and SSH is working fine again. Is it normal?

• 

  cPanelMichael

  • February 07, 2014 20:08

  Hello :) It's normal for cPHulk to prevent authentication when a brute force attack is detected. The length of the lockout depends on the values you have configured for the following options in "WHM Home " Security Center " cPHulk Brute Force Protection": IP Based Brute Force Protection Period in minutes Brute Force Protection Period in minutes Thank you.

  0
• 

  planetcaravan

  • February 07, 2014 20:12

  OH, well! I'm totally new on WHM and I was really worried about what happened. Thanks for your answer!

  0

Please sign in to leave a comment.