Jump to content

[Solved] CPanel Login Issue

mariusm98

By mariusm98
in Escalated Requests

 Share

Recommended Posts

Guest Geoff

Guest Geoff

Posted
Posted

I believe that a brute force attack occured, as the password reset box is missing and some users are requesting their passwords reset.

 

Also, SSH appears to be down right now. [On stevie]

  • Replies 38
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Guest Geoff

Guest Geoff

Posted
Posted
Does that mean the hompage connection has an issue? Strange that the other ways wouldn't work? Anyway, thanks!!

 

It appears that someone might have attempted to brute force our servers. However, that link works because to cpanel, it's coming from a local IP:

 

Instead of

 

You --> Cpanel

 

It's

 

You --> Apache --> Cpanel

 

However, if someone uses that URL to brute force our servers, it will become blocked as well.

jje Newbie

jje

Posted
Posted

@djbob - As well as the brute force issue, could you also enable Password Reset on Johnny?

 

Thanks,

Guest Geoff

Guest Geoff

Posted
Posted
@djbob - As well as the brute force issue, could you also enable Password Reset on Johnny?

 

I think cpanel disabled password reset because brute force protection was on.

jje Newbie

jje

Posted
Posted

Each separate address is a separate brute force detector.

 

Port 2082 is blocked (the HelioHost homepage uses this) apparently.

Port 2083 is unblocked unless somebody brute forces that apparently.

Port 80 (cpanel.heliohost.org) is unblocked unless somebody brute forces that apparently.

 

I am saying 'apparently' as I have not tried yet nor do I have any proof, as I am not in the place at the mo.

 

@Geoff - Hmm... maybe. But I have never seen password reset on Johnny before and I have always wondered why.

 

@Geoff - I'm a bit confused at the moment. Is brute force stopping all users for Stevie or Johnny or both. Is it just port 2082 affected at the mo?

Guest Geoff

Guest Geoff

Posted
Posted
Port 80 (cpanel.heliohost.org) is unblocked unless somebody brute forces that apparently.

 

That is actually a proxy to http://stevie:2082/ [On the local network, so don't have to use .heliohost.org]

 

I am saying 'apparently' as I have not tried yet nor do I have any proof, as I am not in the place at the mo.

 

I have no idea how cpanel brute force protection works. It's closed-source so I can't really find out.

Ahmedb Newbie

Ahmedb

Posted
Posted

Until yesterday I could login to my account and check my email through my iPod mail client. Now I cannot check the mail (it says "incorrect username or password) and I get login attempt failed on cPanel. My site is working fine. Server:Stevie

Domain: www.alphadev.tk

DNS: ns1.heliohost.org ns2.heliohost.org

 

UPDATE: apparently I can login from cpanel.heliohost.org,But still no good news on mail...

Guest Geoff

Guest Geoff

Posted
Posted
@Geoff - I'm a bit confused at the moment. Is brute force stopping all users for Stevie or Johnny or both. Is it just port 2082 affected at the mo?

 

Both login pages on 2082. It appears that only select accounts are being locked out; I can log in correctly.

 

Update: It appears I can no longer login on stevie.

 

It also appears that http://stevie.heliohost.org is not displaying the account page, but an empty account.

ORKU Newbie

ORKU

Posted
Posted

I appologize fot the trouble, but I seemed to have locked my account named 'turieu' . Probably because I have forgotten my PWD and exceeded the number of allowed tries.

 

Should you be kind to unlock it for me, I promise to keep th PWD in a safe place and not to bother you wiuth such request in the future. I will however bother you with other technical staff :rolleyes: :rolleyes:

mariusm98 Newbie

mariusm98

Posted
  • Author
Posted
Your account has been suspended due to inactivity to your cPanel. Please use the renew script:

 

http://heliohost.org/scripts/renew.php

 

We recommend you login thru the HelioHost homepage ;)

 

Very odd. I have logged into my cpanel at least once a week over the last few months. Always from here:

 

http://www.heliohost.org/home/

 

Anyhow, I followed your advice, but login still fails. Then I see Geoff's advice, put that page crashes my Chrome browser. In IE it works, however. Strange stuff..

 

 

Thanks a lot.

 

Marius

Guest Geoff

Guest Geoff

Posted
Posted

I'm using chrome, and It doesn't crash my browser.

Guest
This topic is now closed to further replies.
 Share
Go to topic listing
×
×
  • Create New...