Enabling cPHulk on Dedicated Servers Updated on August 21, 2023 by InMotion Hosting Contributor 1 Minutes, 47 Seconds to Read One of the most common ways for malicious software (malware) to penetrate the defenses of various web services is via brute-force attacks. Through repeated login attempts, malware can overwhelm the authentication service and bypass existing password protections. Fortunately, most modern web servers offer some form of brute-force protection. For cPanel/WHM-based systems, this commonly takes the form of cPHulk. In this article, we will show you how to protect your Dedicated Server Hosting from brute-force login attempts by enabling cPHulk. Note: you will require root access in order to follow these directions. Don’t have time to read our full article? Watch our walk-through video. Enabling cPHulk First, log into WHM as the root user. Next, type Security in the search box, then click the Security Center link. On the Security Center page, click the cPHulk Brute Force Protection button. After clicking this button, you will see that cPHulk is disabled. To enable it, toggle it on in this menu. Once toggling it on, you can then choose your cPHulk settings, then click the Save button. Congratulations, you have protected your dedicated server enabling cPHulk brute force protection in WHM! Make sure to whitelist your IP address and maintain the practice of blacklisting IP addresses that are involved in threatening your server. It is recommended that users combine brute-force protection with other forms of security such as firewalls, monitoring software, and malware scanners. As digital threats emerge, it is important to take advantage of every security tool at your disposal. This is why cPanel offers a unique value for users looking to secure their servers from brute-force attacks. While many types of security software require the use of command-line interfaces or hard-to-use menus, enabling cPHulk can be done as easily as any other task within the cPanel/WHM interface. Unfortunately, this protection is only available on VPS and dedicated server hosting, so if you need protection from brute-force attacks, you may want to look into one of these hosting plans. If you are looking for additional ways to secure your server, check out our DNSSEC in cPanel guide for more information! Choose Your Level of Server Management Whether you need hands-on control or prefer professional management, our dedicated servers adapt to your technical requirements and staff capacity. Fully Managed Option With Expert AdministrationSelf-Managed Bare Metal for Complete Control Dedicated Hosting Share this Article InMotion Hosting Contributor Content Writer InMotion Hosting contributors are highly knowledgeable individuals who create relevant content on new trends and troubleshooting techniques to help you achieve your online goals! More Articles by InMotion Hosting Related Articles Resetting the cPanel Password in WHM How to Change your root Password in WHM How to Stop and Disable Firewalld Content Security Policy (CSP) Headers – Complete Reference Guide Why You Need To Keep Your Website’s PHP Version Up-to-Date Learning About Mod_security and Disabling Mod_security Close Open Ports for PCI Compliance How to Pass PCI Compliance Scans DDoS Protection Using Corero How to Open a Port in Firewalld
