cPHulk is a robust security feature integrated into cPanel and WHM (Web Host Manager) control panels that helps protect your server against various forms of brute force attacks and unauthorized access attempts. While cPanel provides a user-friendly interface to configure and manage cPHulk, many advanced users and server administrators prefer working from the command line for its flexibility and efficiency.
In this article, we will explore how to manage cPHulk from the command line, covering key actions such as enabling/disabling cPHulk, configuring settings, and monitoring login attempts.
- Accessing the Command Line
Before you can manage cPHulk via the command line, you need to access your server’s command-line interface. This can be done through SSH (Secure Shell). Make sure you have SSH access and the necessary credentials to log in.
- Checking cPHulk’s Status
To check if cPHulk is currently enabled or disabled on your server, you can use the following command:
whmapi1 configureservice service=cphulkd enabled=0 monitored=0 /usr/local/cpanel/etc/init/stopcphulkd /usr/local/cpanel/bin/cphulk_pam_ctl --disable /usr/local/cpanel/bin/hulkd status If cPHulk is enabled, you will receive a message indicating its status along with additional details. Enabling and Disabling cPHulk You can enable or disable cPHulk using the command line as well. To enable cPHulk, use this command: /usr/local/cpanel/bin/hulkd enable To disable cPHulk, use the following command: /usr/local/cpanel/bin/hulkd disable Configuring cPHulk Settings Customizing cPHulk settings is crucial to match your specific security requirements. You can modify various aspects of cPHulk via the command line. Here are some common configuration options: Adjusting the Brute Force Protection Threshold: You can set the number of authentication failures allowed before cPHulk blocks an IP address. For example, to set the threshold to 10: /usr/local/cpanel/bin/hulkd set_config brute_force_protection_threshold 10 Whitelisting and Blacklisting IP Addresses: You can add IP addresses to the whitelist or blacklist to control cPHulk's behavior. For instance, to whitelist an IP address: /usr/local/cpanel/bin/hulkd add_white_ip IP_ADDRESS To blacklist an IP address: /usr/local/cpanel/bin/hulkd add_black_ip IP_ADDRESS Adjusting Other Configuration Parameters: Explore additional configuration options such as lockout duration, lockout message, and more by using the hulkd set_config command with the appropriate parameter name and value. Monitoring cPHulk Activities To monitor cPHulk activities, you can check the cPHulk logs using the tail command. Here's how you can view the last 100 lines of the cPHulk log: tail -n 100 /usr/local/cpanel/logs/cphulkd.log This will display the latest entries in the log, providing insights into login attempts, blocked IP addresses, and other relevant information.