Introduction
cPHulk Brute Force Protection is a security feature in cPanel & WHM that helps protect your server against brute-force login attempts targeting services such as cPanel, WHM, Webmail, FTP, and SSH. If you need to permanently block a specific IP address from accessing these services, you can add it to the cPHulk blacklist directly from the command line.
Prerequisites
Before proceeding, ensure that:
- You have root SSH access to the server.
- cPHulk Brute Force Protection is enabled on the server.
- You know the IP address that needs to be blacklisted.
- The server is running cPanel & WHM.
IMPLEMENTATION
STEP 1: Connect to the Server via SSH
ssh root@your-server-ipSTEP 2: Add the IP Address to the cPHulk Blacklist
Run the following command, replacing 203.xxx.xx.xx with the IP address you want to block:
/usr/local/cpanel/scripts/cphulkdblacklist 203.xxx.xx.xxThis command adds the specified IP address to the cPHulk blacklist.
Example Output
203.xxx.xx.xx has been blacklistedConclusion
Using the cphulkdblacklist script is the quickest way to block a malicious or unwanted IP address in cPHulk from the command line. This method is particularly useful for administrators who need to take immediate action without accessing the WHM interface. After the command is executed, the IP address is added to the cPHulk blacklist and restricted from accessing protected services on the server