Bruteforce Panic Mode Block Me Too

dezagus

• November 03, 2014 14:10

I don't know, but this was since I start to use cPanel, so like 2 years ago. Always I get an Bruteforce Attack I can't access too until the attack finish. Something is wrong config? .vB Thanks, Denis.

• 

  simonas

  • November 03, 2014 19:36

  Well i would suggest you to make Maximum Failures per account high - like 90. And lower Maximum Failures per IP to 3.

  0
• 

  dezagus

  • November 03, 2014 20:06

  If I change that parameters obviously would be more tolerable to Brute Force Attacks, but, maybe an concept was wrong, the Bruteforce "Panic" mode apply for all accounts or just to account which is aim? Per example, if someone try bruteforce to "root" and I have an account called whatever name would be blocked too? Thanks for aswer!

  0
• 

  simonas

  • November 03, 2014 20:14

  No, only account that's being bruteforced get's blocked. In my opinion - account locking is a stupid thing. If an attacker get's his ip blocked every 3 tries he will soon run out IPs anyway. Another option would be to create resseler account with root privileges and not popular name.

  0
• 

  cPanelMichael

  • November 04, 2014 15:24

  Hello :) You may also want to consider adding your own IP address to the cPhulk white list. Thank you.

  0
• 

  dezagus

  • November 04, 2014 15:54

  I haven an dinamic IP, so it's impossible to add to white list. I will choice simonas solutions, but, seriusly, this feature of block full account access looks more like an wrong feature more than the security possibilities. Would be great if cPanel provide some additional option of "block (or not) full account acces when bruteforce is working".

  0
• 

  cPanelMichael

  • November 04, 2014 16:00

  You are welcome to submit a feature request for that via: Submit A Feature Request Or, you may want to utilize a third-party application such as CSF/LFD instead of cPHulk. Thank you.

  0

Please sign in to leave a comment.