12 {{ upvoteCount | shortNum }}
12 {{ upvoteCount | shortNum }}

CPanel IP Deny Manager - Does it really work?

by azmanar
9 replies
Hi,

After thousands of attempts to crack into one of my WP Sites, I've started to use Cpanel's IP Deny Manager.

Would like to ask anyone who is familiar with it, whether this CPanel function really works or not.

The crackers' IPs come from a myriad of origins. There seems to be no pattern, so I can't really use the implied range function like this XXX.XXX.XXX.0-255 . It is taking me a lot of work to ban each one of them.

Are there alternatives?

Thanks.
#cpanel #deny #manager #work
  • Profile picture of the author Jack Gordon
    I haven't tried to ban IP's through Cpanel, but I have done it through WHM. If you have access to your WHM, it is devastatingly effective.

    Although this is a bit out of my level of experience, you should be able to set it up to automatically ban visitors with certain patterns of activity...
    Signature
    Fifteen Lessons I have learned over 15 years and six businesses (or, My 1000th-Post Manifesto)
    {{ DiscussionBoard.errors[8159245].message }}
  • Profile picture of the author iAmNameLess
    IP Deny through Cpanel is definitely effective. What people are doing when trying to brute force their way in, are setting up rotating proxies. Just keep banning them... I've been battling some chinese hackers for about 3 months now. After banning about 60 IP's, I only find a new IP once every other week or so. Just be persistent.
    Signature
    {{ DiscussionBoard.errors[8159444].message }}
    • Profile picture of the author azmanar
      Originally Posted by iAmNameLess View Post

      IP Deny through Cpanel is definitely effective. What people are doing when trying to brute force their way in, are setting up rotating proxies. Just keep banning them... I've been battling some chinese hackers for about 3 months now. After banning about 60 IP's, I only find a new IP once every other week or so. Just be persistent.
      Hi,

      I love the sentence "Just be persistent".

      The key attitude to successful ventures.

      Thanks.
      Signature
      === >>> Tomorrow Should Be Better Than Today
      {{ DiscussionBoard.errors[8161051].message }}
  • Profile picture of the author Kingfish85
    Originally Posted by azmanar View Post

    Hi,

    After thousands of attempts to crack into one of my WP Sites, I've started to use Cpanel's IP Deny Manager.

    Would like to ask anyone who is familiar with it, whether this CPanel function really works or not.

    The crackers' IPs come from a myriad of origins. There seems to be no pattern, so I can't really use the implied range function like this XXX.XXX.XXX.0-255 . It is taking me a lot of work to ban each one of them.

    Are there alternatives?

    Thanks.
    Hi there Azman,

    The site that you're having problems with, is this one hosted with us? If so, I'd certainly like to look into this and the ranges to see how much of assistance we could be.

    One thing I'd recommend also doing, is password protecting the login area - are they attempting to use the wp-admin area? If so, password protection should stop them from even getting to the login screen.

    If you could give me some additional details, I'd certainly sit down and see what we can work with without blocking large ranges that could potentially block viewers as well.

    Thanks,
    Brent
    Signature

    |~| VeeroTech Hosting - sales @ veerotech.net
    |~| High Performance CloudLinux & LiteSpeed Powered Web Hosting
    |~| cPanel & WHM - Softaculous - Website Builder - R1Soft - SpamExperts
    |~| Visit us @veerotech Facebook - Twitter - LinkedIn

    {{ DiscussionBoard.errors[8159484].message }}
    • Profile picture of the author azmanar
      Originally Posted by Kingfish85 View Post

      Hi there Azman,

      The site that you're having problems with, is this one hosted with us? If so, I'd certainly like to look into this and the ranges to see how much of assistance we could be.

      One thing I'd recommend also doing, is password protecting the login area - are they attempting to use the wp-admin area? If so, password protection should stop them from even getting to the login screen.

      If you could give me some additional details, I'd certainly sit down and see what we can work with without blocking large ranges that could potentially block viewers as well.

      Thanks,
      Brent
      Hi Brent,

      The sites I have hosted with you, are seeing diminishing cracking attempts. Maybe once in a while I see some weak spikes but not worrying at all. I guess you have very good systems in place for us. Thanks for giving me the peace of mind.

      The sites I'm having problem with right now are hosted elsewhere. There are an increase in frequency and to date already over 7,000 cracking attempts aimed at one. Just would like to solve the issue and retain the sites there. Both are making me good money and networks.

      Let me see the effectiveness of CPanel IP Deny Manager until end of this week, as some Warriors here have vouched. I'll share it here.
      Signature
      === >>> Tomorrow Should Be Better Than Today
      {{ DiscussionBoard.errors[8161041].message }}
      • Profile picture of the author Kingfish85
        Originally Posted by azmanar View Post

        Hi Brent,

        The sites I have hosted with you, are seeing diminishing cracking attempts. Maybe once in a while I see some weak spikes but not worrying at all. I guess you have very good systems in place for us. Thanks for giving me the peace of mind.

        The sites I'm having problem with right now are hosted elsewhere. There are an increase in frequency and to date already over 7,000 cracking attempts aimed at one. Just would like to solve the issue and retain the sites there. Both are making me good money and networks.

        Let me see the effectiveness of CPanel IP Deny Manager until end of this week, as some Warriors here have vouched. I'll share it here.
        Hi Azman,

        I would be willing to be that most of the IP's attempting to log into Wordpress are probably attempting to hit cPanel & port scan as well. Anything that attempts to port scan our servers is automatically blacklisted and the same goes for multiple failed cPanel logins back to back.

        The cPanel IP Deny manager will certainly work.

        -Brent
        Signature

        |~| VeeroTech Hosting - sales @ veerotech.net
        |~| High Performance CloudLinux & LiteSpeed Powered Web Hosting
        |~| cPanel & WHM - Softaculous - Website Builder - R1Soft - SpamExperts
        |~| Visit us @veerotech Facebook - Twitter - LinkedIn

        {{ DiscussionBoard.errors[8161660].message }}
  • Profile picture of the author CyberAlien
    You could always start using CloudFlare's DNS system which will automatically block a lot of that IPs that they know are malicious.
    {{ DiscussionBoard.errors[8159604].message }}
  • Profile picture of the author GarrieWilson
    Don't bother banning IPs (manually anyway). Use a WordPress login script to do it. I use "Limit Login Attempts".

    As to your question, yes it works.

    -g
    Signature
    Screw You, NameCheap!
    $1 Off NameSilo Domain Coupons:
    SAVEABUCKDOMAINS & DOLLARDOMAINSAVINGS
    {{ DiscussionBoard.errors[8159748].message }}
  • Profile picture of the author msharmjia
    Even i am thinking to ban some of the visitors which are really useless. Now i am not sure that they are coming manually or sending some bots to fill in one of the review form on my site. I don't want to put captcha kind of things there. I just want to kick these shits away..
    Yes i do have WHM with me. Can anyone tell me the way to use it and kick away them?
    {{ DiscussionBoard.errors[8162039].message }}

Trending Topics