cPanel & WHM Version 94 has been released, and brings a slew of great updates. Take a look at what is included, and then upgrade today!

Add successful IP threshold limit to cPhulk

hbouma shared this idea 4 years ago
Open Discussion

As a server administrator I would like the ability to define an alert/ban threshold of authenticated IP addresses in cPHulkD in order to block potentially compromised cPanel accounts.

For example, if I set a threshold of 3, and 4 different IPs all successfully authenticate to the same cPanel account within a short period, then I would like to see cPHulkD react as the account is likely compromised by hackers (especially if the IPs are geographically distinct). This is especially true when discussing a compromised email account. Once an email account becomes compromised, you'll often have quickly have 6+ IPs all using it to send out spam.


cPanel will then help stop accounts which have become compromised by hackers from being accessed as well.


  • Original request
  • This information is shared privately in spoiler and not visible!

Comments (2)

photo
1

I think CSF already allows you to do this with their distributed connections limit feature.

photo
1

It does, but not everyone (including myself) uses CSF. You could make a similar argument for most of cphulk's features (that it does what CSF does already) too...

Leave a Comment
 
Attach a file