Locked due to cPHulk Brute Force Protection System

  • March 6, 2015
  • 0 Comments

if you are locked out, you can either restart your internet modem in hoping to get new ip address.

But, you can use to execute the following script via WHM

/scripts2/doautofixer?autofix=disable_cphulkd

To do so type the following line into your browser’s address bar:

http://yourserver.com:2086:/scripts2/doautofixer?autofix=disable_cphulkd

Still if you not able to login to the server. You may use the following way to get the cPHulk database flushed. 

cPHulk stores all of its information in a database called cphulkd. There are two tables of interest: logins and brutes 
The logins table stores login authentication failures. The brutes table stores other authentication failures indicative of a brute force attack

You can check it as I did, login to the server as root using SSH and got to mysql prompt

root@loudwater [~]# mysql

mysql> connect cphulkd

To get your self unblocked first check the blacklisted IPs

mysql> select IP, LOGINTIME from logins order by LOGINTIME;

mysql> select IP, BRUTETIME from brutes order by BRUTETIME;

mysql> delete from brutes;

mysql> delete from logins;

If you wish to disable cPHulk use following command

/usr/local/cpanel/bin/cphulk_pam_ctl –disable

To enable cPHulk use

/usr/local/cpanel/bin/cphulk_pam_ctl –enable


How helpful was this article to you?

Posting has been disabled.