cPanel

cPanel is showing invalid login – The IP address is blocked by cphulkd for BruteForce

Arunlal A6 Comments
Post Views: 6,188

cpHulk : It’s a Brute Force Protection system in a WHM/cPanel server.

By enabling this feature from the WHM we can protect the server from unwanted login attempts.

In this article I am explaining the steps to whitelist your IP address on cPanel’s cphulkBrute Force Protection system.

We can simply configure the cpHulk from the WHM panel. I got the below pasted error when I checked one server which has cPanel login issue with a client.

Error details:

# tailf /usr/local/cpanel/logs/error_log
Duplicate logaccess:  at cpsrvd-ssl line 3000
        main::badpass('faillog', 'brute force attempt (user root) has locked out IP xxx.xxx.xxx.xx...', 'skip_hulk', 1, 'msg_code', 'invalid_login') called at cpsrvd-ssl line 5790
        main::connect_cphulkd() called at cpsrvd-ssl line 5255
        main::handle_form_login() called at cpsrvd-ssl line 1131
        main::handle_one_connection() called at cpsrvd-ssl line 996
Duplicate logaccess:  at cpsrvd-ssl line 3000
        main::badpass('faillog', 'brute force attempt (user brightpub) has locked out IP xxx.xxx.xxx.xx...', 'skip_hulk', 1, 'msg_code', 'invalid_login') called at cpsrvd-ssl line 5790
        main::connect_cphulkd() called at cpsrvd-ssl line 5255
        main::handle_form_login() called at cpsrvd-ssl line 1131
        main::handle_one_connection() called at cpsrvd-ssl line 996

Do not worry about that, here is a simple script to Whitelist the IP address on cpHulk service.

/scripts/cphulkdwhitelist

Usage:

/scripts/cphulkdwhitelist IP-Address

Dockerize your NodeJS app with Nginx as reverse proxy

Normally Dockerizing the Node application is a simple task. We can use the direct on-build images available in Docker hub.

That Docker image is enough to deploy the NodeJS application. All versions of on-build Node image is available in hub.

You can simply white-list the IP address on cpHulk from the WHM control panel itself. Here is the steps to White-list and Black-list IP in cpHulked from WHM.

First Step: Login to WHM panel.

Second Step: Go to,

Home >> Security Center >> cPHulk Brute Force Protection

Third Step: Select “White/Black list management

cpHulk

From there, you can see the options to White/Black list IPs quickly. There is also an option to edit the entries 🙂

That’s it!

 

Related
1, Simple steps to install IonCube loader on a cPanel server
2, Simple steps to install CloudFlare plugin on cPanel server
3, Install Security Advisor Addon on WHM/cPanel server

Post navigation

Arunlal A

Senior System Developer at Zeta. Linux lover. Traveller. Let's connect! Whether you're a seasoned DevOps pro or just starting your journey, I'm always eager to engage with like-minded individuals. Follow my blog for regular updates, connect on social media, and let's embark on this DevOps adventure together! Happy coding and deploying!

6 thoughts on “cPanel is showing invalid login – The IP address is blocked by cphulkd for BruteForce

  1. I have this same problem today on my site “websites-software-solutions” and just waited 20 minutes and it fixed itself. I agree whitelisting the IP is the way to go.

    Reply

  2. When I am trying to /scripts/cphulkdwhitelist IP-Address I get the following errer “cphulkd is not enabled”

    Reply

  3. hi, I have major issue that my server disk is almost full so i want to delete some data from my server, so please help me for solving this problem, i m really worried for that, it might be cresh something. than what i do so please…

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *