Today I am going to discuss about a very common problem related to cpanel or whm panel. Hackers always try to get root access for your hosting and to get the passwords they run script that will try continuously with various random passwords.

WHM panel has a built in feature to protect against brute force attack

Just login to your WHM panel and from there go to
Security Center -> cPHulk Brute Force Protection

Given settings is the most optimal cPHulk Brute Force Protection settings.

Now problem is it will prevent hackers at some extend, but sometimes you can find that you are unable to login to your whm panel as other hackers already tried and it ran the brute force protection and none can login to the panel for few mins.

WHM > Host Access Control area:

Daemon Access List Action Comment
whostmgrd YourIP allow
whostmgrd all deny

Now only allowed IP can login to the whm panel.