HostMonster Web Hosting Help
VPS or Dedicated Hosting - cPHulk Brute Force Protection
Overview
This article will cover the use of cPHulk. cPhulk is software designed to protect your server from brute force login attempts. It does this through blacklisting IP addresses that have too many failed login attempts within a short period.
ATTENTION: When enabling cPHulk it is critical that you whitelist your own IP address so that you do not block yourself from your server. If you believe you have been blocked from your server please refer to the Whitelisting in cPanel section.
Note: If you need your IP address, it can be found at www.HostMonster.com/ip
Tasks Involved
Click on any of the tasks to jump to that point in the guide.
Enable cPhulk
To enable, cPHulk follow these steps.
- Log in to WHM.
- Click on Security Center.
- Click on the cPHulk Brute Force Protection icon.
- Click on Enable under cPHulk is Currently Disabled.
The status should say cPHulk is Currently Enabled.
Whitelisting Your IP Address
These steps will explain how to whitelist an IP address. Whitelisted IP addresses will never be blocked by cPHulk.
- Click the White/Black list Management tab.
- Enter your IP address in the White list (Trusted IP list) entry field.
- Click Quick Add.
To modify multiple IPs at once, click Edit Whitelist
Whitelisting in cPanel
If you have been blocked from WHM or any other login on your server, you may still login to your HostMonster cPanel and whitelist your IP address.
Note: If you need your IP address, it can be found at www.HostMonster.com/ip
- Login to your HostMonster cPanel
- If you are not already on the hosting page, click the hosting link at the top.
- Click the performance link underneath the hosting tab.
- Click the system console link.
-
Login with root as your username and your root password.
Note: If you aren't sure of the root password please see: Setting your Root password
Note: When typing in the password, the console will not act as if anything is being entered. This is done purposefully for security. Type your password carefully and hit enter as normal. -
Once you are logged into the console, run enter this command:
/scripts/cphulkdwhitelist YOUR-IP
Note: Please replace YOUR-IP with your actual IP address. -
Next run this command:
mysql cphulkd -e "delete from brutes where ip='YOUR-IP'"
Note: Please replace YOUR-IP with your actual IP address. -
Your IP address should now be whitelisted. Finally, enter this command to close the console.
exit
Blacklisting IP Addresses
- Click the White/Black list Management tab.
- Enter the IP address into the Black list (Rejected IP list) entry field.
- Click Quick Add.
To modify multiple IPs at once, click Edit Blacklist.