What Does This Message Mean?
WHM/cPanel has a brute force protection service called “cPHulk Brute Force Protection”.
If someone enters an incorrect password several times, cPHulk blocks the offending IP address and sends the message to the root contact on the server.
If cPHulk blocks your IP, you can add it to white list via WHM by following the steps below:
How To Resolve The Issue
1. Go to WHM Main, then to Security Center, and select cPHulk Brute Force Protection
2. Go to “Whitelist Management” Tab.
3. Enter the IP in “New Whitelist Records” and press “Add”
If you received a notice regarding a blocked IP, you should log into WHM and check the IP:
- Go to WHM Main, then to Security Center, and choose cPHulk Brute Force Protection.
- Go to the “History Reports” tab.
Here you can see “User” and “IP” where someone tried to connect. You should block this IP via “Blacklist Management” if you don’t recognize it tab.
We recommend setting up a firewall (ex: CSF installation instructions here) and add this IP to the “deny list”.
Information on how to set up cPHulk Brute Force Protection (official documentation) can be found here.