Skip to main content

cPHulk - Maximum Failures before IP blocked for two weeks - what period?

cpangs
The main question in the post cPHulk - Maximum Failures before IP blocked for two weeks - what period?? was never answered, so this is a kick to stimulate that. I'll add the following sub-question: Do those rules apply to explicitly whitelisted IP addresses? Here is the text from the unanswered part of original post: [QUOTE]In cPHulk, there is the option that says: "Maximum Failures Per IP before IP is blocked for two week period" However, it doesn't say over what period the "Maximum Failures" are calculated For instance, is it calculated over a period such as: 1. per day 2. per week 3. per month 4. per year 5. forever, the life of the WHM account When does the clock start and stop for accumulating the "Maximum Failures Per IP" before you're blocked for 2 weeks? What if I set the number of times to be 15, then what if I have the WHM account for, say, 15 years, and I mess up the passwrd once per year? Would I then not be able to login starting in the 16th year?
(The very last question is particularly well put.)

Comments

1 comment

Date Votes
  • cPanelMichael
    Hello :) This is answered in our documentation: cPHulk Brute Force Detection In particular, this part answers your questions: Enter the number of minutes in which cPHulk measures an attacker's log in attempts in the IP Based Brute Force Protection Period in minutes text box. If an attacker at a specific IP address attempts to log in repeatedly, they will reach the defined number of login attempts within this configured time. cPHulk will consider this a brute force attempt, and will block the attacker's IP address. Enter the number of minutes over which cPHulk measures all login attempts to a specific user's account in the Brute Force Protection Period in minutes text box. If several potential attackers attempt to log in and reach that account's defined number of login attempts within this configured time, regardless of IP address, cPHulk will consider this a brute force attempt. All IP addresses will no longer be able to log in to the cPanel user's account. In addition, cPHulk will lock the cPanel user's account. Thank you.
    0

Please sign in to leave a comment.

Didn't find what you were looking for?

New post