cPHulk is a cPanel & WHM service designed to protect servers from brute force attacks, which involve guessing password combinations until the correct one is found.
cPHulk secures your server by blacklisting specific IP addresses after repeated failed login attempts. If an IP is blocked, cPanel & WHM won't display a direct message; instead, you'll see an error indicating invalid logins.
cPHulk monitors services like WHM/cPanel, email clients (POP3/IMAP/SMTP), Webmail, SSH, and FTP/SFTP. It can automatically block IP addresses showing too many failed login attempts or those trying to guess passwords. Blocks can be temporary, for one day, or permanent, depending on your configuration.
To use cPHulk, ensure it's enabled.
cPHulk Settings:
This section allows you to customize the service, with options for Username-based Protection, IP Address-based Protection, One-Day Blocks, and Login History.
Whitelist/Blacklist Management:
Here, you can manually blacklist or whitelist specific IP addresses. For instance, you can whitelist your local IP to prevent it from being blacklisted.
cPHulk Logs:
This section lets you review failed logins, blocked users, IP addresses, and one-day blockings.
