This object is in archive!
Custom page for clients with blocked ip on cPHulk
Needs Feedback
A custom page would be displayed when a customer gets his IP blocked by cPHulk and tries to open any of the pages from the server.
This custom page would inform the customer that his IP is blocked for XX days/hours and he should contact support in order to fix that.
I like this idea 
cPanel, WebHost Manager and WHM are registered trademarks of cPanel, L.L.C. for providing its computer software that facilitates the management and configuration of Internet web servers.
It is unlikely that this feature will be implemented in the form you've described. We explicitly do not return a custom page that reveals the block has occurred as a means of not exposing to any abusers exactly what your thresholds are set to via "testing the fence". With such a page, the abuser knows what's an invalid password and what's just being rejected by cPHulk. This then allows them to tailor their script to ride "under the radar" and not trip cPHulk. That's one example of why we intentionally do not have such a page returned.
It is unlikely that this feature will be implemented in the form you've described. We explicitly do not return a custom page that reveals the block has occurred as a means of not exposing to any abusers exactly what your thresholds are set to via "testing the fence". With such a page, the abuser knows what's an invalid password and what's just being rejected by cPHulk. This then allows them to tailor their script to ride "under the radar" and not trip cPHulk. That's one example of why we intentionally do not have such a page returned.
It is unlikely that this feature will be implemented in the form you've described. We explicitly do not return a custom page that reveals the block has occurred as a means of not exposing to any abusers exactly what your thresholds are set to via "testing the fence". With such a page, the abuser knows what's an invalid password and what's just being rejected by cPHulk. This then allows them to tailor their script to ride "under the radar" and not trip cPHulk. That's one example of why we intentionally do not have such a page returned.
It is unlikely that this feature will be implemented in the form you've described. We explicitly do not return a custom page that reveals the block has occurred as a means of not exposing to any abusers exactly what your thresholds are set to via "testing the fence". With such a page, the abuser knows what's an invalid password and what's just being rejected by cPHulk. This then allows them to tailor their script to ride "under the radar" and not trip cPHulk. That's one example of why we intentionally do not have such a page returned.
I think this can be very usefull, because In most of the cases normal clients are blocked... and besides that, nothing changes for the attacker if he sees that he was blocked or not.
I think this can be very usefull, because In most of the cases normal clients are blocked... and besides that, nothing changes for the attacker if he sees that he was blocked or not.
It still can be optional to inform about the block.
Another way could be to inform cpanel account holders via email about a block. Would be good to show the bruteforce attacks on cpanel logins.
That would help when one user in a company has triggered a block for the whole internetconnection and other users are complaining about an nonworking cpanel.
It still can be optional to inform about the block.
Another way could be to inform cpanel account holders via email about a block. Would be good to show the bruteforce attacks on cpanel logins.
That would help when one user in a company has triggered a block for the whole internetconnection and other users are complaining about an nonworking cpanel.
Replies have been locked on this page!