cPanel & WHM Version 94 has been released, and brings a slew of great updates. Take a look at what is included, and then upgrade today!
This object is in archive! 

Custom page for clients with blocked ip on cPHulk

Filipe Simoes shared this idea 6 years ago
Needs Feedback

A custom page would be displayed when a customer gets his IP blocked by cPHulk and tries to open any of the pages from the server.

This custom page would inform the customer that his IP is blocked for XX days/hours and he should contact support in order to fix that.

Best Answer
photo

It is unlikely that this feature will be implemented in the form you've described. We explicitly do not return a custom page that reveals the block has occurred as a means of not exposing to any abusers exactly what your thresholds are set to via "testing the fence". With such a page, the abuser knows what's an invalid password and what's just being rejected by cPHulk. This then allows them to tailor their script to ride "under the radar" and not trip cPHulk. That's one example of why we intentionally do not have such a page returned.

Comments (3)

photo
1

It is unlikely that this feature will be implemented in the form you've described. We explicitly do not return a custom page that reveals the block has occurred as a means of not exposing to any abusers exactly what your thresholds are set to via "testing the fence". With such a page, the abuser knows what's an invalid password and what's just being rejected by cPHulk. This then allows them to tailor their script to ride "under the radar" and not trip cPHulk. That's one example of why we intentionally do not have such a page returned.

photo
1

I think this can be very usefull, because In most of the cases normal clients are blocked... and besides that, nothing changes for the attacker if he sees that he was blocked or not.

photo
1

It still can be optional to inform about the block.


Another way could be to inform cpanel account holders via email about a block. Would be good to show the bruteforce attacks on cpanel logins.


That would help when one user in a company has triggered a block for the whole internetconnection and other users are complaining about an nonworking cpanel.

Leave a Comment
 
Attach a file