{"id":398,"date":"2015-06-05T09:41:00","date_gmt":"2015-06-05T09:41:00","guid":{"rendered":"http:\/\/kb.veeble.org\/?p=398"},"modified":"2025-03-18T11:59:48","modified_gmt":"2025-03-18T06:29:48","slug":"install-and-configure-cphulk-in-cpanel","status":"publish","type":"post","link":"https:\/\/www.veeble.com\/kb\/install-and-configure-cphulk-in-cpanel\/","title":{"rendered":"How to install and configure cPHulk in cPanel"},"content":{"rendered":"\n

Many of us might be familiar with the term cPHulk, it is a brute force security feature that comes with Cpanel. So what does Cphulk do? What is the difference between CSF\/LDF?<\/p>\n\n\n\n

cPHulk prevents brute force attacks on services like WHM, SSH, and IMAP\/POP 3. As we enable cPHulk via the WHM control panel, we set a default number of attempts and access these services. We can change these values according to our wishes.<\/p>\n\n\n\n

<\/p>\n\n\n

Working of Cphulk<\/h3>\n\n\n

So what does cPHulk actually do? Usually, what attackers do is try permutations and combinations of usernames and passwords on these services. It is usually automated because when we set a default value for the number of login attempts, it blocks the IP address from the account that is attacked. Getting “blocked” means, it does not allow further login. This conveys a deceptive message \u201cmessage: The login is invalid.\u201d which does not reveal the exact source of action.<\/p>\n\n\n\n

csf\/ldf only blocks the login privilege whereas these ips can access the website, and is actually very resourceful. As it does not affect the traffic to the website.<\/p>\n\n\n\n

These are the functions that are possible via Cphulk<\/a><\/span><\/p>\n\n\n\n

1. To blacklist or white list an entire IP range, like an ip range from a country or region around the world eg 123.0.0.0.\/8 which blocks an entire chunk of china preventing logins from 123.x.x.x.x range. <\/span><\/span><\/span><\/p>\n\n\n\n

2. To set the time range in which the cPhulk measures the login attempts for a distinct IP,after that the IP is denied login privilege to the account(Default 5 minutes)<\/span><\/span><\/span><\/p>\n\n\n\n

3. To Set the max no failed attempts within a time range to login to a Cpanel account. After that the account is blocked for login. (default 15)<\/span><\/span><\/span><\/p>\n\n\n\n

4. IP address-based restriction, as the max value for failed login attempts is reached, that IP is blocked.<\/span><\/span><\/span><\/p>\n\n\n\n

5. To set a command to be executed when an IP triggers a brute force attack.<\/span><\/span><\/span><\/p>\n\n\n\n

6. To add an IP to the firewall rule, if the IP is blocked for one day only using Cphulk. (This will block the IP from accessing the website also)<\/span><\/span><\/span><\/p>\n\n\n\n

7. To send a “successful root login message” if the IP is not included in the white list.<\/span><\/span><\/span><\/p>\n\n\n\n

<\/p>\n\n\n

Command line methods to manage Cphulk<\/strong><\/h3>\n\n\n

To check the cPHulk status<\/u><\/span><\/p>\n\n\n\n

ps aux | grep -i cphulk  command which will give a result like the below,<\/p>\n\n\n\n

root 1501 0.0 0.4 34816 5076 ? S 07:58 0:00 cPhulkd \u2013 processor<\/span><\/span><\/span><\/code><\/p>\n\n\n\n

To restart the cPHulk daemon.<\/span><\/u><\/p>\n\n\n\n

Soft restart<\/b><\/span><\/span><\/span><\/p>\n\n\n\n

<\/code>\/scripts\/restartsrv_cphulkd<\/span><\/span><\/span><\/code> <\/code><\/span><\/span><\/span><\/p>\n\n\n\n

Hard Restart<\/b><\/span><\/span><\/span><\/p>\n\n\n\n

<\/code>\/scripts\/restartsrv_cphulkd<\/span><\/span><\/span><\/code> <\/span><\/span><\/span>--stop; \/scripts\/restartsrv_cphulkd<\/span><\/span><\/span><\/code> <\/span><\/span><\/span>--start<\/span><\/span><\/span><\/code><\/p>\n\n\n\n

To disable cPHulk<\/span><\/u><\/p>\n\n\n\n

\/usr\/local\/cpanel\/etc\/init\/stopcphulkd <\/span><\/span><\/span><\/code>OR<\/b><\/span><\/span><\/span><\/code><\/p>\n\n\n\n

\/usr\/local\/cpanel\/bin\/cphulk_pam_ctl<\/span><\/span><\/span><\/code> <\/span><\/span>--disable<\/span><\/span><\/span><\/code><\/p>\n\n\n\n

To remove cPHulk option from the cPanel even after restart.(removes the cPHulk touch file)<\/u><\/span><\/p>\n\n\n\n

rm \/var\/cpanel\/hulkd\/enabled<\/span><\/span><\/span><\/code><\/p>\n\n\n\n

To ADD IP\/IP range to <\/u><\/span>white list<\/u><\/span><\/p>\n\n\n\n

\/scripts\/cphulkdwhitelist 192.168.2.20<\/span><\/span><\/span><\/code> OR<\/b><\/span><\/span><\/span><\/p>\n\n\n\n

\/scripts\/cphulkdwhitelist <\/span><\/span><\/span><\/code>1<\/span><\/span><\/span><\/code>92.168.2.0\/24 <\/span><\/span><\/span><\/code>OR<\/b><\/span><\/span><\/span><\/code><\/p>\n\n\n\n

\/scripts\/cphulkdwhitelist 192.168.0.0\/16 <\/span><\/span><\/span><\/code>OR<\/b><\/span><\/span><\/span><\/code><\/p>\n\n\n\n

\/scripts\/cphulkdwhitelist<\/span><\/span><\/span><\/code> <\/code>192.0.0.0\/8 <\/span><\/span><\/span><\/code><\/p>\n\n\n\n

To ADD IP\/IP ranges to black list<\/u><\/span><\/p>\n\n\n\n

\/scripts\/cphulkdblacklist 192.168.2.20<\/span><\/span><\/span><\/code> OR<\/b><\/span><\/span><\/span><\/p>\n\n\n\n

\/scripts\/cphulkdblacklist <\/span><\/span><\/span><\/code>1<\/span><\/span><\/span><\/code>92.168.2.0\/24 <\/span><\/span><\/span><\/code>OR<\/b><\/span><\/span><\/span><\/code><\/p>\n\n\n\n

\/scripts\/cphulkdblacklist 192.168.0.0\/16 <\/span><\/span><\/span><\/code>OR<\/b><\/span><\/span><\/span><\/code><\/p>\n\n\n\n

\/scripts\/cphulkdblacklist<\/span><\/span><\/span><\/code> <\/code>192.0.0.0\/8 <\/span><\/span><\/span><\/code><\/p>\n\n\n\n

Great!! that’s pretty much it. Keep your servers secure!<\/p>\n\n\n\n

<\/div>\n\n\n\n

Easy Website Management<\/h3>

Simplify your website management with our user-friendly cPanel. Easily install applications, manage files, and configure email. Our support team is ready to assist you every step of the way.<\/p><\/div>

Explore cPanel Plans<\/path><\/svg><\/a><\/div><\/div>\n","protected":false},"excerpt":{"rendered":"

Many of us might be familiar with the term cPHulk, it is a brute force security feature that comes with Cpanel. So what does […]<\/p>\n","protected":false},"author":10,"featured_media":7679,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_uag_custom_page_level_css":"","site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"set","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[4],"tags":[],"class_list":["post-398","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cpanel"],"uagb_featured_image_src":{"full":["https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2015\/06\/How-to-install-and-configure-cPHulk-in-cPanel.jpg",1366,768,false],"thumbnail":["https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2015\/06\/How-to-install-and-configure-cPHulk-in-cPanel-150x150.jpg",150,150,true],"medium":["https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2015\/06\/How-to-install-and-configure-cPHulk-in-cPanel-300x169.jpg",300,169,true],"medium_large":["https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2015\/06\/How-to-install-and-configure-cPHulk-in-cPanel-768x432.jpg",768,432,true],"large":["https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2015\/06\/How-to-install-and-configure-cPHulk-in-cPanel-1024x576.jpg",1024,576,true],"1536x1536":["https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2015\/06\/How-to-install-and-configure-cPHulk-in-cPanel.jpg",1366,768,false],"2048x2048":["https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2015\/06\/How-to-install-and-configure-cPHulk-in-cPanel.jpg",1366,768,false]},"uagb_author_info":{"display_name":"Vipin Raj","author_link":"https:\/\/www.veeble.com\/kb\/author\/vipin\/"},"uagb_comment_info":0,"uagb_excerpt":"Many of us might be familiar with the term cPHulk, it is a brute force security feature that comes with Cpanel. So what does […]","_links":{"self":[{"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/posts\/398","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/users\/10"}],"replies":[{"embeddable":true,"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/comments?post=398"}],"version-history":[{"count":11,"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/posts\/398\/revisions"}],"predecessor-version":[{"id":8175,"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/posts\/398\/revisions\/8175"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/media\/7679"}],"wp:attachment":[{"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/media?parent=398"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/categories?post=398"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/tags?post=398"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}