Remove IP from cphulk blacklist


cPHulk Brute Force Protection


          cPHulk Brute Force Protection prevents malicious forces from trying to access your server’s services by guessing the login password for that service. While browsing the whm many time local machine ip blocked in the cphulkd database and we are not able to browse the WHM, to unlock the WHM access refer to the following steps to whitelist the ip from the cphulkd blacklist database.


BackEnd or Terminal

Login in the shell as a root user and run the commands.

# mysql

   >USE cphulkd
   >SHOW tables;
   >BACKUP TABLE  brutes TO  ‘/root/cphulk.log’;
   >SELECT * FROM brutes WHERE  IP=’[IP Address]‘;
   >DELETE  FROM  brutes WHERE  IP=’IP Address’;
   >quit;

 Replace “IP Address” as per your local machine ip address to resolve the issue.

============================================================
To delete all the brute force entries of blocked IPs,

mysql> delete from brutes;
mysql> delete from logins;

============================================================

FrontEnd

Login to WHM, then
Main >> Security Center >> cPHulk Brute Force Protection

Select tab
  • White/Black List Management
You can Whitelist or Blacklist an IP there.
There is an option to enable/disable  cPHulk protection.

Note:- To disable cPHulk through backend. ie, via terminal

# /usr/local/cpanel/bin/cphulk_pam_ctl --disable

If the shell access is disabled then refer to the following syntax to disable the cphuld.

https://server-ip-address:2087/scripts2/doautofixer?autofix=disable_cphulkd