Enabling cPHulk brute force protection

Expertise level: Medium

cPHulk is a form of protection from brute force attacks.  When an attacker attempts to access your server and fails a number of times, cPHulk will automatically ban the attacker's IP address for a limited time, usually 30 minutes.

By default, servers with WHM are now delivered with cPHulk disabled. If you choose to enable it for increased security, please be sure to double-check your passwords. It is entirely possible for WHM to automatically ban you.

To enable or disable cPHulk, first search for 'cphulk' in the search box to the upper left of the screen.


Click on 'cPHulk Brute Force Protection', and the main cPHulk page will open.


Here, you can enable or disable cPHulk. If you wish to clear the existing database of failed logins, simply click on Flush DB.


Article is closed for comments.
Powered by Zendesk