Blog » Cpanel Brute Force Detection and Blacklisting Cpanel Brute Force Detection and Blacklisting cPHulk is cPanel’s brute force detection service. You turn on cPHulk Brute Force Protection to prevent malicious forces from trying to access your server’s services by guessing the login password for that service. If you have users creating weak passwords it is surprisingly easy to guess passwords use dictionary attacks. Thus, by limiting the chances an unknown user has at guessing your password you are reducing the chances they have at guessing the correct password. Our Experience with Brute Force Attacks You might ask how likely is it to actually have someone try to break into your server? When we turn on a new server with a public facing IP address we get attacked within seconds. The shear volume of generic attacks coming out of Russia and China are staggering. We have one server that gets hit with gigabytes worth of attacks every month. And we are just an SEO and web development company. I have a friend who manages IT for a major university. The volume and tenacity of attacks that they face are significantly greater. Most attacks that come at Fruition’s servers have known signatures which makes the hackers just out fishing for an easy target. The hard attacks to prevent are the targeted attacks when the hackers are going after a specific company or service. Back to cPanel’s CPHulk Configuring CPHulk is extremely simple and only takes a few seconds to get up and running. I recommend changing “Maximum Failures Per IP” down to 2. It’s easy for hackers to use proxies to rapidly change IP addresses thus you want them to deplete their IP addresses quickly as opposed to getting several tries with each IP. I like to turn on the brute force notification. If nothing else it keeps me cognizant of the efforts to break in.