Update login security configuration settings

This function sets cPHulk's configuration settings.

SecurityBasicAuth
Request
query Parameters
block_brute_force_with_firewall
integer
Default: 0

Whether to use cPanel & WHM's firewall to block brute force attacks.

Enum: 0 1
Example: block_brute_force_with_firewall=0
block_excessive_brute_force_with_firewall
integer
Default: 0

Whether to use cPanel & WHM's firewall to block excessive brute force attacks.

Enum: 0 1
Example: block_excessive_brute_force_with_firewall=0
brute_force_period_mins
integer >= 1
Default: 5

The number of minutes over which cPHulk measures all login attempts to a specific user's account.

Example: brute_force_period_mins=5
brute_force_period_sec
integer

The number of seconds over which cPHulk measures all login attempts to a specific user's account. Note: The parameter defaults to the brute_force_period_mins parameter's value multiplied by 60.

Example: brute_force_period_sec=300
command_to_run_on_brute_force
string
Default: "an empty string"

The command to run when an IP address triggers brute force protection.

Note:

For a list of commands, read the Command Variables section of our cPHulk Brute Force Protection documentation.

Example: command_to_run_on_brute_force=
command_to_run_on_excessive_brute_force
string
Default: "an empty string"

The command to run when the system blocks an IP address blocked for a one day period.

Note:

For a list of commands, read the Command Variables section of our cPHulk Brute Force Protection documentation.

Example: command_to_run_on_excessive_brute_force=
country_blacklist
string
Default: "an empty string"

The countries to blacklist.

Note:

This value overwrites the current blacklist. Enter a comma-separated list to enter more than one value. For a list of countries, run the WHM API 1 get_countries_with_known_ip_ranges function.

Example: country_blacklist=PK,BR
country_whitelist
string
Default: "an empty string"

The countries to whitelist.

Note:

This value overwrites the current whitelist. Enter a comma-separated list to enter more than one value. For a list of countries, run the WHM API 1 get_countries_with_known_ip_ranges function.

Example: country_whitelist=US,AU
ip_based_protection
integer
Default: 1

Whether to enable IP address-based protection on all requests.

  • 1 - Enable IP-based protection.
  • 0 - Disable IP-based protection.

Note:

If you set the ip_based_protection parameter to 0, you cannot use the following parameters:

  • block_brute_force_with_firewall
  • block_excessive_brute_force_with_firewall
  • ip_brute_force_period_mins
  • ip_brute_force_period_sec
Enum: 0 1
Example: ip_based_protection=1
ip_brute_force_period_mins
integer
Default: 15

The number of minutes in which cPHulk measures an attacker's login attempts.

Example: ip_brute_force_period_mins=15
ip_brute_force_period_sec
integer

The number of seconds in which cPHulk measures an attacker's login attempts. Note: The parameter defaults to the ip_brute_force_period_mins parameter's value multiplied by 60.

Example: ip_brute_force_period_sec=900
is_enabled
integer
Default: 1

Whether to enable the cPHulk service.

  • 1 - Enable.
  • 0 - Disable.
Enum: 0 1
Example: is_enabled=1
lookback_period_min
integer
Default: 360

The number of minutes over which cPHulk counts failed logins against a user.

Example: lookback_period_min=360
lookback_time
integer

The number of seconds over which cPHulk counts failed logins against a user.

Note:

The parameter defaults to the lookback_period_min parameter's value multiplied by 60.

Example: lookback_time=21600
mark_as_brute
integer
Default: 30

The maximum number of failures from a specific IP address before cPHulk blocks that address for a two-week period.

Example: mark_as_brute=30
max_failures
integer
Default: 30

The maximum number of failures that cPHulk allows per account within the defined time range.

Example: max_failures=30
max_failures_byip
integer
Default: 5

The maximum number of failures from a specific IP address before cPHulk locks out that address.

Example: max_failures_byip=5
notify_on_brute
integer
Default: 0

Whether cPHulk will send a notification when it detects a brute force attack.

  • 1 - Send the notification.
  • 0 - Do not send the notification.
Enum: 0 1
Example: notify_on_brute=0
notify_on_root_login
integer
Default: 0

Whether cPHulk will send a notification when the root user successfully logs in from an IP address that is not on the whitelist.

  • 1 - Send the notification.
  • 0 - Do not send the notification.
Enum: 0 1
Example: notify_on_root_login=0
notify_on_root_login_for_known_netblock
integer
Default: 0

Whether cPHulk sends a notification upon successful root login when the IP address is not on the whitelist, but from a known netblock.

  • 1 - Send the notification.
  • 0 - Do not send the notification.
Enum: 0 1
Example: notify_on_root_login_for_known_netblock=0
username_based_protection
integer
Default: 0

Whether to enable username-based protection on all requests.

  • 1 - Enable.
  • 0 - Disable.
Enum: 0 1
Example: username_based_protection=0
username_based_protection_for_root
integer
Default: 0

Whether to allow username-based protection to lock out the root user.

  • 1 - Allow.
  • 0 - Do not allow.
Enum: 0 1
Example: username_based_protection_for_root=0
username_based_protection_local_origin
integer
Default: 1

Whether to enable username-based protection only on requests that originate from a local IP address.

  • 1 - Enable.
  • 0 - Disable.
Enum: 0 1
Example: username_based_protection_local_origin=1
Responses
200

HTTP Request was successful.

Response Schema: application/json
object
object
get/set_cphulk_config_key
Request samples
whmapi1 --output=jsonpretty \
  set_cphulk_config_key
Response samples
application/json
{
  • "data": {
    • "cphulk_config": {
      • "block_brute_force_with_firewall": 0,
      • "block_excessive_brute_force_with_firewall": 0,
      • "brute_force_period_mins": 5,
      • "brute_force_period_sec": 300,
      • "can_temp_ban_firewall": 1,
      • "command_to_run_on_brute_force": "",
      • "command_to_run_on_excessive_brute_force": "",
      • "country_blacklist": "PK,BR",
      • "country_whitelist": "US,AU",
      • "ip_based_protection": 1,
      • "ip_brute_force_period_mins": 15,
      • "ip_brute_force_period_sec": 900,
      • "is_enabled": 1,
      • "lookback_period_min": 360,
      • "lookback_time": 21600,
      • "mark_as_brute": 30,
      • "max_failures": 30,
      • "max_failures_byip": 5,
      • "notify_on_brute": 0,
      • "notify_on_root_login": 0,
      • "notify_on_root_login_for_known_netblock": 0,
      • "username_based_protection": 0,
      • "username_based_protection_for_root": 0,
      • "username_based_protection_local_origin": 1
      }
    },
  • "metadata": {
    • "command": "set_cphulk_config_key",
    • "reason": "OK",
    • "result": 1,
    • "version": 1
    }
}