cPHulk is a brute force protection system developed by the cPanel team and is exclusive to cPanel / WHM control panels. This protects service like WHM, SSH,FTP,IMAP and POP3 by disabling the authentication to those service after a brute force attack is detected. cPHulk mainly blocked the IPs which have perform more than one wrong login attempt with in a tiny time limit. If we need to remove a particular IP from the cPHulk deny list this is possible in two ways, Either from WHM or through database.

Let us see how to remove IP from database.

• First you need to SSH to the server as root.
• # mysql (prompt should change to mysql)
• mysql> use cphulkd; (database changed )
• Make a database table backup. ( mysql>BACKUP TABLE `brutes` TO ‘/path/to/backup/directory’; )
• Find the particular IP from table. (mysql> SELECT * FROM `brutes` WHERE `IP`=’xxx.xxx.xxx.xxx’; )
• Delete a particular IP from the table. (mysql> DELETE FROM `brutes` WHERE `IP`=’xxx.xxx.xxx.xxx’; )
• Quit from MySQL ( mysql>quit )

To flush full database

• mysql> delete from brutes;
• mysql> delete from logins

If you require help, contact SupportPRO Server Admin