User root blocked – cPHulk Brute Force Protection

Had a few clients lately blocking them self out and when i say blocking i mean blocking the user root because of them inserting the wrong password more then X times when Brute Force Protection was enabled on the server.

Of course that they were unable to login anymore to the server using the root user and more to it no one was able to login over an ssh connection.

A way around this is to access the server in single user and delete the blocked users:

mysql cphulkd
mysql> delete from brutes;
mysql> delete from logins;
mysql> quit

Now this happens usually if the following setting is set to low when setting up Brute Force Protection:

Maximum Failures By Account:

For anyone who has this kind of issues you may want to create a second user on the server and add that user to the sudoers /etc/sudoers group so that if you block the root user out you will still be able to access the server and fix the problem.

All this goes also for anyone who uses another user to connect to the server and has root ssh access disabled.

Share/Bookmark