Save login security configuration settings

This function modifies cPHulk's configuration settings.

SecurityBasicAuth
Request
query Parameters
block_brute_force_with_firewall
integer
Default: 0

Whether to use the server firewall to block brute force attacks.

  • 1 — Use the firewall.
  • 0 — Do not use the firewall.
Enum: 0 1
Example: block_brute_force_with_firewall=0
block_excessive_brute_force_with_firewall
integer
Default: 0

Whether to use the server firewall to block excessive brute force attacks.

  • 1 — Use the firewall.
  • 0 — Do not use the firewall.
Enum: 0 1
Example: block_excessive_brute_force_with_firewall=0
brute_force_period_mins
integer >= 1
Default: 5

The number of minutes over which cPHulk measures all login attempts to a specific user's account.

Example: brute_force_period_mins=5
command_to_run_on_brute_force
string
Default: ""

The command to run when an IP address triggers brute force protection.

Note:

For a list of commands, read the Command variables section of our cPHulk Brute Force Protection documentation.

Example: command_to_run_on_brute_force=
command_to_run_on_excessive_brute_force
string
Default: ""

The command to run when the system blocks an IP address for a one day period.

Note:

For a list of commands, read the Command variables section of our cPHulk Brute Force Protection documentation.

Example: command_to_run_on_excessive_brute_force=
ip_based_protection
integer
Default: 1

Whether to enable IP address-based protection on all requests.

  • 1 — Enable IP-based protection.
  • 0 — Disable IP-based protection.

Note:

If you set this parameter to 0, you cannot use the following parameters:

  • block_brute_force_with_firewall
  • block_excessive_brute_force_with_firewall
  • ip_brute_force_period_mins
Enum: 0 1
Example: ip_based_protection=1
ip_brute_force_period_mins
integer >= 1
Default: 15

The number of minutes in which cPHulk measures an attacker's login attempts.

Example: ip_brute_force_period_mins=15
lookback_period_min
integer >= 0
Default: 360

The number of minutes over which cPHulk counts failed logins against a user.

Example: lookback_period_min=360
mark_as_brute
integer >= 0
Default: 30

The maximum number of failures from a specific IP address before cPHulk blocks that address for a two-week period.

Example: mark_as_brute=30
max_failures
integer >= 0
Default: 30

The maximum number of failures that cPHulk allows per account within the defined time range.

Example: max_failures=30
max_failures_byip
integer >= 0
Default: 5

The maximum number of failures from a specific IP address before cPHulk locks out that address.

Example: max_failures_byip=5
notify_on_brute
integer
Default: 0

Whether cPHulk will send a notification when it detects a brute force attack.

  • 1 — Send the notification.
  • 0 — Do not send the notification.
Enum: 0 1
Example: notify_on_brute=0
notify_on_root_login
integer
Default: 0

Whether cPHulk will send a notification when the root user successfully logs in from an IP address that is not on the whitelist.

  • 1 — Send the notification.
  • 0 — Do not send the notification.
Enum: 0 1
Example: notify_on_root_login=0
notify_on_root_login_for_known_netblock
integer
Default: 0

Whether cPHulk sends a notification upon successful root login when the IP address is not on the whitelist, but from a known netblock.

  • 1 — Send the notification.
  • 0 — Do not send the notification.
Enum: 0 1
Example: notify_on_root_login_for_known_netblock=0
skip_enabled_check
integer
Default: 0

Whether to skip checking if cPHulk runs on the server.

  • 1 — Don't check cPHulk's status.
  • 0 — Check cPHulk's status.

Note:

If cPHulk is disabled, the function returns the following message: cPHulk is disabled on the server.

Enum: 0 1
Example: skip_enabled_check=0
username_based_protection
integer
Default: 0

Whether to enable username-based protection on all requests.

  • 1 — Enable.
  • 0 — Disable.
Enum: 0 1
Example: username_based_protection=0
username_based_protection_for_root
integer
Default: 0

Whether to allow username-based protection to lock out the root user.

  • 1 — Allow.
  • 0 — Do not allow.
Enum: 0 1
Example: username_based_protection_for_root=0
username_based_protection_local_origin
integer
Default: 1

Whether to enable username-based protection only on requests that originate from a local IP address.

  • 1 — Enable.
  • 0 — Disable.
Enum: 0 1
Example: username_based_protection_local_origin=1
Responses
200

HTTP Request was successful.

Response Schema: application/json
object
object
get/save_cphulk_config
Request samples 
whmapi1 --output=jsonpretty \
  save_cphulk_config
Response samples
application/json
{
  • "data": {
    • "cphulk_config": {
      • "block_brute_force_with_firewall": 0,
      • "block_excessive_brute_force_with_firewall": 0,
      • "brute_force_period_mins": 5,
      • "brute_force_period_sec": 300,
      • "can_temp_ban_firewall": 1,
      • "command_to_run_on_brute_force": "",
      • "command_to_run_on_excessive_brute_force": "",
      • "ip_based_protection": 1,
      • "ip_brute_force_period_mins": 15,
      • "ip_brute_force_period_sec": 900,
      • "is_enabled": 1,
      • "lookback_period_min": 360,
      • "lookback_time": 21600,
      • "mark_as_brute": 30,
      • "max_failures": 30,
      • "max_failures_byip": 5,
      • "notify_on_brute": 0,
      • "notify_on_root_login": 0,
      • "notify_on_root_login_for_known_netblock": 0,
      • "username_based_protection": 0,
      • "username_based_protection_for_root": 0,
      • "username_based_protection_local_origin": 1
      },
    • "restart_ssh": 1,
    • "warning": null
    },
  • "metadata": {
    • "command": "save_cphulk_config",
    • "reason": "OK",
    • "result": 1,
    • "version": 1
    }
}
©2024 WebPros International, LLC All rights reserved.Privacy PolicyTrademarks