Child pages
  • WHM API 1 Functions - save_cphulk_config
Skip to end of metadata
Go to start of metadata

Description

This function modifies cPHulk's configuration settings.

Examples


 JSON API
https://hostname.example.com:2087/cpsess##########/json-api/save_cphulk_config?api.version=1&brute_force_period_mins=5
 XML API
https://hostname.example.com:2087/cpsess##########/xml-api/save_cphulk_config?api.version=1&brute_force_period_mins=5
 Command Line
whmapi1 save_cphulk_config brute_force_period_mins=5 
 Output (JSON)
{
  "data": {
    "restart_ssh": 0,
    "warning": "",
    "cphulk_config": {
      "is_enabled": 1,
      "ip_brute_force_period_mins": 15,
      "max_failures": 15,
      "brute_force_period_sec": 300,
      "lookback_period_min": "360",
      "mark_as_brute": 30,
      "ip_brute_force_period_sec": 900,
      "lookback_time": 21600,
      "brute_force_period_mins": 5,
      "notify_on_root_login": 0,
      "max_failures_byip": 5
    }
  },
  "metadata": {
    "version": 1,
    "reason": "OK",
    "result": 1,
    "command": "save_cphulk_config"
  }
}

 Output (XML)
<result>
    <data>
        <restart_ssh>0</restart_ssh>
        <warning/>
        <cphulk_config>
            <is_enabled>1</is_enabled>
            <ip_brute_force_period_mins>15</ip_brute_force_period_mins>
            <max_failures>15</max_failures>
            <brute_force_period_sec>300</brute_force_period_sec>
            <lookback_period_min>360</lookback_period_min>
            <mark_as_brute>30</mark_as_brute>
            <ip_brute_force_period_sec>900</ip_brute_force_period_sec>
            <lookback_time>21600</lookback_time>
            <brute_force_period_mins>5</brute_force_period_mins>
            <notify_on_root_login>0</notify_on_root_login>
            <max_failures_byip>5</max_failures_byip>
        </cphulk_config>
    </data>
    <metadata>
        <version>1</version>
        <reason>OK</reason>
        <result>1</result>
        <command>save_cphulk_config</command>
    </metadata>
</result>


Note:

Use WHM's API Shell interface (WHM >> Home >> Development >> API Shell) to directly test WHM API calls.

Parameters

ReturnTypeDescriptionPossible valuesExample
is_enabledBoolean

Whether the cPHulk service is enabled.

This parameter defaults to 1.

  • 1 — cPHulk is enabled.
  • 0 — cPhulk is disabled.
1
ip_brute_force_period_minsinteger

The number of minutes during which cPHulk will measure an attacker's login attempts.

This parameter defaults to 15. 

A valid integer between 1 and 1440.15
brute_force_period_minsinteger

The number of minutes during which cPHulk will measure all login attempts to a specific user's account.

This parameter defaults to 5.

A valid integer between 1 and 1440.5
max_failuresinteger

The maximum number of failures that cPHulk will allow per account within the defined time range.

This parameter defaults to 15.

A valid integer between 0 and 999999.30
max_failures_byipinteger

The maximum number of failures that cPHulk will allow per account from a specific IP address within the defined time range.

This parameter defaults to 5.

A valid integer between 0 and 999999.5
mark_as_bruteinteger

The maximum number of failures that cPHulk will allow per account from a specific IP address before the system locks out that address for two weeks.

This parameter defaults to 30.

A valid integer between 0 and 999999.30
lookback_period_mininteger

The number of minutes over which cPHulk counts failed logins against a user.

This parameter defaults to 360.

A valid integer between 0 and 999999.360
lookback_timeinteger

The number of seconds over which cPHulk counts failed logins against a user.

This parameter defaults to 21600.

A valid integer between 0  and 999999.21600
notify_on_bruteBoolean

Whether cPHulk will send a notification when it detects a brute force attack.

This parameter defaults to 1.

  • 1 — Send the notification.
  • 0 — Do not send the notification.
1
notify_on_root_loginBoolean

Whether cPHulk will send a notification when the root user successfully logs in from an IP address that is not on the whitelist.

This parameter defaults to 0.

  • 1 — Send the notification.
  • 0 — Do not send the notification.
1

Returns

ReturnTypeDescriptionPossible valuesExample
restart_sshBooleanWhether the system disabled UseDNS in the sshd.conf file and restarted the sshd daemon in order to allow cPHulk to add IP addresses to the whitelist.
  • 1 — Disabled UseDNS in the sshd daemon and restarted the sshd service.
  • 0 — Did not alter the sshd.conf file or restart the sshd service.
0
warningstringA warning message about the restart, if the restart_ssh value is 1.
  • null
  • A valid string.
null
cphulk_confighashA hash of cPHulk configuration settings.This hash contains the is_enabledip_brute_force_period_mins, ip_brute_force_period_sec, brute_force_period_mins, brute_force_period_sec, max_failuresmax_failures_byip, mark_as_brute,_period_minlookback_time,notify_on_brute, and notify_on_root_login returns. 

is_enabled

Boolean

Whether the cPHulk service is enabled.

The function returns this value in the cphulk_config hash.

  • 1 — cPHulk is enabled.
  • 0 — cPhulk is disabled.
1

ip_brute_force_period_mins

integer

The number of minutes in which cPHulk measures an attacker's login attempts.

The function returns this value in the cphulk_config hash.

A valid integer.15

ip_brute_force_period_sec

integer

The number of seconds in which cPHulk measures an attacker's login attempts.

The function returns this value in the cphulk_config hash.

A valid integer.300

brute_force_period_mins

integer

The number of minutes over which cPHulk measures all login attempts to a specific user's account.

The function returns this value in the cphulk_config hash.

A valid integer.5

brute_force_period_sec

integer

The number of seconds over which cPHulk measures all login attempts to a specific user's account.

The function returns this value in the cphulk_config hash.

A valid integer.360

max_failures

integer

The maximum number of failures that cPHulk allows per account within the defined time range.

The function returns this value in the cphulk_config hash.

A valid integer.30

max_failures_byip

integer

The maximum number of failures from a specific IP address before cPHulk locks out that address.

The function returns this value in the cphulk_config hash.

A valid integer.5

mark_as_brute

integer

The maximum number of failures from a specific IP address before cPHulk blocks that address for a two week period.

The function returns this value in the cphulk_config hash.

A valid integer.30

lookback_period_min

integer

The number of minutes over which cPHulk counts failed logins against a user.

The function returns this value in the cphulk_config hash.

A valid integer.360

lookback_time

integer

The number of seconds over which cPHulk counts failed logins against a user.

The function returns this value in the cphulk_config hash.

A valid integer.21600

notify_on_brute

Boolean

Whether cPHulk will send a notification when it detects a brute force attack.

The function returns this value in the cphulk_config hash.

  • 1 — Send the notification.
  • 0 — Do not send the notification.
1

notify_on_root_login

Boolean

Whether cPHulk will send a notification when the root user successfully logs in from an IP address that is not on the whitelist.

The function returns this value in the cphulk_config hash.

  • 1 — Send the notification.
  • 0 — Do not send the notification.
1