cPHulk Brute Force Protection Confusion
Hello,
On the page link below i found the following statement:
Notes:
cPHulk does not consider multiple login attempts that use the same IP address, username, and password to be separate failures if they occur within the same six-hour period.
last modified by Doc User on Oct 10, 2016
Is this literally saying that nothing matters during the first 6 hours of any action taking place and cPHULK will not block any IP or User during the first 6 hours? Thanks.
https://docs.cpanel.net//ALD/cPHulk Brute Force ProtectionIs this literally saying that nothing matters during the first 6 hours of any action taking place and cPHULK will not block any IP or User during the first 6 hours? Thanks.
-
Hello, Another way of stating the behavior is that only one failure is recorded per six-hour period if the IP address, username, and password are all the same in each authentication attempt. For example, let's say a user with IP address 1.2.3.4 attempts to login to cPanel with the username "example123" and the password "password123" several times in a six-hour period. In this scenario, it's only counted as one failure. However, if a user with that same IP address then attempted to login with the username "example123" and the password "password12345678" in that same six-hour window, then that would count as an additional failure. Thank you. 0 -
Thanks cPanel Michael, I understand your explanation. Now i have a grasp on how to set the limits within cPHulk. Much appreciated. Consider this resolved. 0
Please sign in to leave a comment.
Comments
2 comments