Brute Force Attack cPanel

November 5, 2014 The Geek Decoder No Comments cPanel, Security, WHM

Check the logs:

# nano /var/log messages
PAM-hulk[13813]: Brute force detection active: 580 LOGIN DENIED

Check

cphulkd.log at /usr/local/cpanel/logs


# nano /usr/local/cpanel/logs/login_log
72.177.xxx.xx - root [11/04/2014:05:48:13 -0000] "POST /login/?login_only=1 HTTP/1.1" DEFERRED LOGIN whostmgrd: brute force attempt (user root) has locked out IP 72.177.xxx.xx

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.