WHM Login always incorrect password need to reboot vps to be able to login

ermiebb

• February 05, 2015 14:16

Hi, I always have this problem and it is very annoying For example: I haven't login in my WHM for a day or two or even for a couple of hours when i try to login to my WHM it says Incorrect password even if i dont change my pass then i am going to reset my root password in my vps panel then it will allow me to login in my whm successfully with my new password. then after that if i go idle for an hour or two when i refresh my browser or i try to relogin to WHM it says i again invalid password i need again to reset my password in my vps panel and reboot server again to be able to login to my whm... Whats causing this problem and how to resolve this? Thank you very much

• 

  keat63

  • February 05, 2015 21:20

  In my experience you are probably being locked out, due to brute force login attempts from unknowns. Potential hackers. Find cphulk and add your ip or range of ip's (if dynamic) to the white list for a start. Range of ip's will go along the lines xxx.xxx.0.0/16. Consider using host access control. Allow access to all for your ip (or range of ip's), this one goes along the lines xxx.xxx.0.0/255.255.0.0 All - IP or Range - Allow And deny all to everyone else until you have it secured at least All - All - DENY Then as a matter of immediate importance, install CSF (firewall). When CSF is installed, choose a pre-configured profile as a starting point (i chose high). And remember to take csf out of test mode. It's not difficult but can be quite daunting when your'e first starting out. When you've done all this, come back as the guys on here are really helpful.

  0
• 

  ermiebb

  • February 06, 2015 05:01

  Hi thanks for the reply, where do i find cphulk? currently searching it right now in whm... thanks!

  0
• 

  dalem

  • February 06, 2015 05:04

  Home " Security Center " cPHulk Brute Force Protection

  0
• 

  ermiebb

  • February 06, 2015 05:09

  thanks found it.. holy mother of god i saw in the cphulk failed login logs a lots of failed login with different ip i think theres a thousands of failed logins different ip on the list in cphulk.. how do i install csf? via whm?

  0
• 

  ermiebb

  • February 06, 2015 05:21

  after i install csf do i still need the cphulk? do i disabl the cphulk or not?

  0
• 

  keat63

  • February 06, 2015 11:25

  Install csf from a root login. - - - Updated - - - One other thing, finding your way around WHM and it's many features can be tricky at first, knowing for example where CPHULK is. Using the search box (top left), will help find these things.

  0
• 

  Infopro

  • February 06, 2015 11:42

  Also under security center, add your entries in Host Access Control, like thus.
  Linking to the proper documentation is always a better way to go: Host Access Control - cPanel Documentation The concern should be that for a new user, the actual documentation is going to be more accurate, complete, and safe to implement.

  0
• 

  ermiebb

  • February 06, 2015 16:16

  thank you guys problem solved.

  0
• 

  keat63

  • February 06, 2015 19:03

  Now might be a good idea to run a quick security scan, and see what you can or dare tighten up. If you installed CSF, you might want to consider a CSF security scan also. CSF also gives very easy access to the logs, you'll be shocked as to how many devious goings on there are behind your back

  0

Please sign in to leave a comment.