Results 1 to 5 of 5
  1. #1

    Blocking login attempts based on country in the WHM/Cpanel

    I'm getting plenty of notifications titled : "Large Number of Failed Login Attempts from IP ...." in my VPS.

    with the email body like :

    5 failed login attempts to account sales (smtp) -- Large number of attempts from this IP: 64.27.9.245

    Reverse DNS: ecpcb.com

    Origin Country: United States (US)

    Please use the following links to add to the black list:

    It means the Cpanel is able to detect the country of login. Is it possible to disable login based on country?

    Means I want to allow myself(India) and my provider only(US) to login into my VPS.

    Can I do it?

  2. #2
    Join Date
    Jun 2007
    Location
    Miami Beach, Florida
    Posts
    650

    .htaccess file

    You can use an htaccess file located in the main root or admin folder that can block IPs, block entire countries, or block everything except a few specific IPs.
    Google it, you will probably find the exact code to cut and paste for your purpose.
    Nexxterra.com Web Hosting and Domain Registration
    MassiveServers.com Dedicated servers - Miami, Florida, USA
    BuyAWebName.com Domain name registration

  3. #3
    You can certainly use something like a firewall as well to block most computers from particular countries. At one point I used ConfigServer Firewall to block email logins from most countries on earth. However, I ran into some problems with CSF. I don't know whether they were related to that or something else. I'm using APF now.

    And blocking entire countries is not my current approach. My current approach is to use strong passwords, ban hacking IPs, and use blacklists to block known problem IPs.

  4. #4
    To clarify: I'm using BFD (comes with APF) to block IPs with too many failed login attempts. I've reduced the number of failures required somewhat -- not too much. BFD runs off of a cron, but you can also make the checking cron run more frequently.

    I may have 100 attempts to hack before a hacking IP is blocked. But with the password complexity I'm requiring of all users, that's no big deal. They're not getting in.

  5. #5
    Quote Originally Posted by VPS Man View Post
    You can certainly use something like a firewall as well to block most computers from particular countries. At one point I used ConfigServer Firewall to block email logins from most countries on earth. However, I ran into some problems with CSF. I don't know whether they were related to that or something else. I'm using APF now.

    And blocking entire countries is not my current approach. My current approach is to use strong passwords, ban hacking IPs, and use blacklists to block known problem IPs.
    Mine is 2 GB RAM VPS so I'd not want to run CSF etc due to memory crunch.

    I wish Cpanel should have provided this feature.

    Why do hackers want to login into my system? What nefarious activity do they want to do?

Similar Threads

  1. Too many WP failed login attempts
    By kandyjet in forum Hosting Security and Technology
    Replies: 2
    Last Post: 07-21-2013, 06:04 PM
  2. Restric Cpanel login to one particular country
    By whatiswhatha in forum Hosting Security and Technology
    Replies: 5
    Last Post: 06-08-2009, 06:01 AM
  3. Unauthorised login attempts
    By jaiweb in forum Hosting Security and Technology
    Replies: 6
    Last Post: 01-01-2007, 11:21 AM
  4. cPanel unauthorized login attempts
    By mikedeal in forum Hosting Security and Technology
    Replies: 0
    Last Post: 08-08-2006, 01:51 PM
  5. constant login attempts
    By spuntotheratboy in forum Hosting Security and Technology
    Replies: 6
    Last Post: 12-11-2005, 12:15 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •