Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Hundreds of failed login attemts to cPanel server daily
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Hundreds of failed login attemts to cPanel server daily

stallionstallion Member
edited December 2014 in General

I have set a 18 digit alpha numeric password which is auto-generated. I keep it safe on my puter in a text file.

I have set the CpHulk setting to block the IP after 5 failed login attempts.

So chances of any bot or human guessing it and breaking into my root user are very slim. But still I am curious should I worry about these failed login attempts? If they are trying, it means they hope they can break the password. No?

These attempts mostly come from three countries. China on number 1, Ukrain on 2 and Russia on 3.

Comments

  • CC_DENY option in CSF

  • jarjar Patron Provider, Top Host, Veteran

    Only hundreds?

  • mmmm cpanel distributed brute force

  • BitmapBitmap Member
    edited December 2014

    It's not exactly safe storing it in a text document, you could/should at least put the text document inside a zip file and password protect it.

    @stallion said:
    I have set a 18 digit alpha numeric password which is auto-generated. I keep it safe on my puter in a text file.

    I have set the CpHulk setting to block the IP after 5 failed login attempts.

    So chances of any bot or human guessing it and breaking into my root user are very slim. But still I am curious should I worry about these failed login attempts? If they are trying, it means they hope they can break the password. No?

    These attempts mostly come from three countries. China on number 1, Ukrain on 2 and Russia on 3.

    >

  • Setup another user with rights to everything in cpanel and in sudo thingy, and passd -l root, then set SSH key so you can still access.

Sign In or Register to comment.