Go Back    Forum > Digital Publishing / Web Sites > Web Hosting

LinkBack Thread Tools
01-10-2012, 02:23 AM
kpmedia's Avatar
kpmedia kpmedia is offline
Site Staff | Web Hosting, Photo
Join Date: Feb 2004
Posts: 4,311
Thanked 376 Times in 342 Posts
cPHulk is a security feature found only on cPanel based Linux servers

It locks down the cPanel and WHM logins, SSH (shell/root access) logins, FTP logins, and IMAP/POP3 (mail) logins. These core services are locked down after too many fails from a single IP address. The lockout kicks in at whatever interval is set by the user, and lasts for as long as the user would like to set it. You can also set blacklists and whitelists for IP ranges that you know will never be valid. You could block, for example, which wipes out a huge chunk of China, preventing logins from that entire 123.x.x.x range.

This is one reason cPanel is superior to DirectAdmin and Plesk for Linux servers.

Unlike CSF/LDF (firewall), blacklisting IPs in cPHulk will not prevent viewing of web pages or delivery of mail. That's one key difference. It only affects the PAM, or authentication modules. So only attempts to login are blocked, traffic itself is not blocked. Because of this, you can block an entire /8 -- whole countries/continents -- without worrying that you've lost legitimate traffic of mail. All you're blocking is the login abilities. If you have the CSF/LFD plugin added to cPanel, it will ban individual problem IPs not found in the blacklist, and that blocks all traffic from that specific IP address.

I block /8's and /16's in cPHulk after receiving failure warnings from places/IPs that I know I'll never be at. CSF/LFD takes care of anything new. cPHulk email warnings alert me to new malicious traffic. (I also manually scan the LFD logs, during routine weekly monitoring. CSF/LFD emails are disabled, because it seems a bit redundant.)

Here's a more detailed description of how the cPHulk service functions, from the official docs:

cPHulk Brute Force Protection
cPanel 11 marks the debut for the much anticipated cPHulk Protection system. cPHulk protects your vital services by disabling authentication to those services after a brute force attack is detected. It protects: cPanel, WHM, SSH, FTP, IMAP, and POP3 from brute force authentication attacks. cPHulk will remain transparent to the attacker whose authentication attempts will feel normal, even while authentication is disabled. Thus, you can get substantial information about the attack. You can even customize authentication thresholds and lock out times!

Need a good host?
Find one here --> http://www.digitalfaq.com/forum/web-...-best-web.html

- Did my advice help you? Then become a Premium Member and support this site.
- Please Like Us on Facebook | Follow Us on Twitter

- Need a good web host? Ask me for help! Get the shared, VPS, semi-dedicated, cloud, or reseller you need.
Reply With Quote
Someday, 12:01 PM
admin's Avatar
Ads / Sponsors
Join Date: ∞
Posts: 42
Thanks: ∞
Thanked 42 Times in 42 Posts

Similar Threads
Thread Thread Starter Forum Replies Last Post
Hacking ATI MMC 8.7 to work on 128PRO admin Capture, Record, Transfer 26 07-21-2014 06:22 AM
Power Rangers Fonts (Mystic Force), where to download ? ninjastriker Author, Make Menus, Slideshows, Burn 1 12-30-2011 09:28 AM
VHS copy protection removers for sale [SOLD] lordsmurf Marketplace 6 03-05-2008 12:07 PM
Do you use an anti-virus? firewall? lordsmurf Computers 3 11-21-2005 04:51 AM
Useful Pioneer 109 DVD burner hacking info! admin Blank Media 0 02-15-2005 04:59 AM

Thread Tools

All times are GMT -5. The time now is 05:36 AM