2

So I have enabled cPHulk on my web server, and just realized now that somebody (most likely a bot) is attempting to brute force their way into my WHM, thus leaving me out as well.

I was shown this message when attempting to login to my WHM from the IP I always use:

This account is currently locked out because a brute force attempt was detected. Please wait a few minutes and try again. Attempting to login again will only increase this delay. If you frequently experience this problem, we recommend having your username changed to something less generic.

So I am simply curious. Since somebody is obviously attempting to brute force my WHM, could they also be attempting to brute force my SSH? And does cPHulk protect SSH as well?

darkAsPitch
  • 1,861
  • 4
  • 25
  • 42
  • This question appears to be off-topic because it is about [`working with a service provider's management interface, such as cPanel`](http://serverfault.com/help/on-topic). – HopelessN00b Jan 13 '15 at 22:09

1 Answers1

3

cPHulk also protects SSH yes. But I always use cPHulk in combination with CSF/LFD

Also in case you're locked out of your server try this:
https://www.example.com:2087/usr/local/cpanel/scripts2/doautofixer?autofix=disable_cphulk

Source

George Tasioulis
  • 1,969
  • 2
  • 16
  • 17