# Update login security configuration settings This function modifies a single cPHulk configuration settings as specified. Endpoint: GET /set_cphulk_config_key Version: 11.134.0.5 Security: BasicAuth ## Query parameters: - `key` (string, required) The configuration key for the setting to set/modify. It should be one of the following: * - Whether to use cPanel & WHM's firewall to block brute force attacks. * - Whether to use cPanel & WHM's firewall to block excessive brute force attacks. * - The number of minutes over which cPHulk measures all login attempts to a specific user's account. * - The number of seconds over which cPHulk measures all login attempts to a specific user's account. * - The command to run when an IP address triggers brute force protection. * - The command to run when the system blocks an IP address blocked for a one day period. * - The countries to blacklist. * - The countries to whitelist. * - Whether to enable IP address-based protection on all requests. * - The number of minutes in which cPHulk measures an attacker's login attempts. * - The number of seconds in which cPHulk measures an attacker's login attempts. * - Whether to enable the cPHulk service. * - The number of minutes over which cPHulk counts failed logins against a user. * - The number of seconds over which cPHulk counts failed logins against a user. * - The maximum number of failures from a specific IP address before cPHulk blocks that address for a two-week period. * - The maximum number of failures that cPHulk allows per account within the defined time range. * - The maximum number of failures from a specific IP address before cPHulk locks out that address. * - Whether cPHulk will send a notification when it detects a brute force attack. * - Whether cPHulk will send a notification when the root user successfully logs in from an IP address that is on the whitelist. * - Whether cPHulk sends a notification upon successful root login when the IP address is on the whitelist, but from a known netblock. * - Whether to enable username-based protection on all requests. * - Whether to allow username-based protection to lock out the root user. * - Whether to enable username-based protection only on requests that originate from a local IP address. Enum: "block_brute_force_with_firewall", "block_excessive_brute_force_with_firewall", "brute_force_period_mins", "brute_force_period_sec", "command_to_run_on_brute_force", "command_to_run_on_excessive_brute_force", "country_blacklist", "country_whitelist", "ip_based_protection", "ip_brute_force_period_mins", "ip_brute_force_period_sec", "is_enabled", "lookback_period_min", "lookback_time", "mark_as_brute", "max_failures", "max_failures_byip", "notify_on_brute", "notify_on_root_login", "notify_on_root_login_for_known_netblock", "username_based_protection", "username_based_protection_for_root", "username_based_protection_local_origin" - `value` (any, required) The new value for the specified key. The allowable value depends on which key is being set. For the following keys, the value must be 0 or 1: * * * * * * * * * * For the following keys, the value must be an integer which specifies a number of minutes or seconds: * * * * * * - This one is in seconds despite not having in the name These keys require the value to be a string containing a command to be run: (For a list of commands, read the _Command Variables_ section of our cPHulk Brute Force Protection documentation.) * * These keys require the value to be a string containing a comma-separated list of country codes: (For a list of countries, run the WHM API 1 function.) * * The following keys require an integer representing a maximum number of failures * * * Example: 1 ## Response 200 fields (application/json): - `data` (object) - `data.cphulk_config` (object) cPHulk configuration settings. - `data.cphulk_config.block_brute_force_with_firewall` (integer) Whether to use cPanel & WHM's firewall to block brute force attacks. * - Use the firewall. * - Do use the firewall. Enum: 0, 1 - `data.cphulk_config.block_excessive_brute_force_with_firewall` (integer) Whether to use cPanel & WHM's firewall to block excessive brute force attacks. * - Use the firewall. * - Do use the firewall. Enum: 0, 1 - `data.cphulk_config.brute_force_period_mins` (integer) The number of minutes over which cPHulk measures all login attempts to a specific user's account. Example: 5 - `data.cphulk_config.brute_force_period_sec` (integer) The number of seconds over which cPHulk measures all login attempts to a specific user's account. Example: 300 - `data.cphulk_config.can_temp_ban_firewall` (integer) Whether the system firewall can apply temporary IP address bans. * - Can temporarily apply IP address bans. * - Cannot temporarily apply IP address bans. If this return's value is 0, then the is available, which means that you cannot use the following parameters: * * * * Enum: 0, 1 - `data.cphulk_config.command_to_run_on_brute_force` (string) The command to run when an IP address triggers brute force protection. - A valid command. - An empty string. - `data.cphulk_config.command_to_run_on_excessive_brute_force` (string) The command to run when the system blocks an IP address blocked for a one day period. * A valid command. * An empty string. - `data.cphulk_config.country_blacklist` (string) The countries to blacklist. A comma-separated list of valid ISO 3166-1 alpha-2 country codes. This value may be empty. Example: "PK,BR" - `data.cphulk_config.country_whitelist` (string) The countries to whitelist. A comma-separated list of valid ISO 3166-1 alpha-2 country codes. This value may be empty. Example: "US,AU" - `data.cphulk_config.ip_based_protection` (integer) Whether IP address-based protection on all requests is enabled. * - Enabled. * - Disabled. Enum: 0, 1 - `data.cphulk_config.ip_brute_force_period_mins` (integer) The number of minutes in which cPHulk measures an attacker's login attempts. Example: 15 - `data.cphulk_config.ip_brute_force_period_sec` (integer) The number of seconds in which cPHulk measures an attacker's login attempts. Example: 900 - `data.cphulk_config.is_enabled` (integer) Whether the cPHulk service is enabled. * - Enabled. * - Disabled. Enum: 0, 1 - `data.cphulk_config.lookback_period_min` (integer) The number of minutes over which cPHulk counts failed logins against a user. Example: 360 - `data.cphulk_config.lookback_time` (integer) The number of seconds over which cPHulk counts failed logins against a user. Example: 21600 - `data.cphulk_config.mark_as_brute` (integer) The maximum number of failures from a specific IP address before cPHulk blocks that address for a two-week period. Example: 30 - `data.cphulk_config.max_failures` (integer) The maximum number of failures that cPHulk allows per account within the defined time range. Example: 30 - `data.cphulk_config.max_failures_byip` (integer) The maximum number of failures from a specific IP address before cPHulk locks out that address. Example: 5 - `data.cphulk_config.notify_on_brute` (integer) Whether cPHulk will send a notification when it detects a brute force attack. * - Send the notification. * - Do send the notification. Enum: 0, 1 - `data.cphulk_config.notify_on_root_login` (integer) Whether cPHulk will send a notification when the root user successfully logs in from an IP address that is on the whitelist. * - Send the notification. * - Do send the notification. Enum: 0, 1 - `data.cphulk_config.notify_on_root_login_for_known_netblock` (integer) Whether cPHulk sends a notification upon successful root login when the IP address is on the whitelist, but from a known netblock * - Send the notification. * - Do send the notification. Enum: 0, 1 - `data.cphulk_config.username_based_protection` (integer) Whether username-based protection on all requests is enabled. * - Enabled. * - Disabled. Enum: 0, 1 - `data.cphulk_config.username_based_protection_for_root` (integer) Whether username-based protection can lock out the root user. * - Allowed. * - Not allowed. Enum: 0, 1 - `data.cphulk_config.username_based_protection_local_origin` (integer) Whether username-based protection only on requests that originate from a local IP address. * - Enabled. * - Disabled. Enum: 0, 1 - `metadata` (object) - `metadata.command` (string) The method name called. Example: "set_cphulk_config_key" - `metadata.reason` (string) The reason the API function failed when the field is 0. This field may display a success message when a function succeeds. Example: "OK" - `metadata.result` (integer) * - Success * - Failed: Check the reason field for more details. Enum: 0, 1 - `metadata.version` (integer) The version of the API function. Example: 1