سلام و احترام
دوستان بنده
ناگهانی با این پیغام
The login is invalid.

مواجه شدم
سرور شخصی هست
و به طور ناگهانی
امکان ورود به صفحه بسته شده
نکته اینجاست بنده از طریق esxi
و خود sentos وارد شدم و پسوردم رو عوض کردم
اما متاسفانه همچنان همون مشکل پا برجاست
ممنون میشم راهنمایی کنید

احتمالا آی پی که باهاش لاگین میکنید از طریق CpHulk بخاطر چیزهایی مثل Brutforce بلاک شده باشه.
اگر این قابلیت روی Cpanelتون فعال هست، پس قطعا میتونه یکی اصلی ترین دلایلش باشه ( یه جورایی یک طور ماژول امنیتی درونی خود Cpanel هست که میتونید بعد از رفع مشکل غیر فعالش کنید.
از طریق Ssh و با کد زیر ، لاگ سرور رو بررسی کنید :


/usr/local/cpanel/logs/error_log

اگز چیزی مثل پیام زیر دیدید، پس از Cphulk هستش :


main::badpass('faillog', 'brute force attempt (user iserversupport) has locked out IP xxx.xxx.xxx.xx...', 'skip_hulk', 1, 'msg_code', 'invalid_login') called at cpsrvd-ssl line

میتونید از طریق Ssh ، با دستور زیر آی پی خودتون رو از حالت مسدود شده با دستور زیر خارج کنید :


/scripts/cphulkdwhitelist <IP-Address-INJA-Benevisid>


جای مقدار " <IP-Address-INJA-Benevisid> " ، آی پی خودتون رو بنویسید.
بررسی بفرمایید.انشالله که مشکل حل میشه.

همینطور لینک مربوط به اینکه CpHulk اصلا چی هست و چطور غیر فعال میشه و مدیریت میشه :

https://docsbeta.cpanel.net/knowledge-base/security/cphulk-management-on-the-command-line/

موفق باشید.

تشکر بزرگوار دقیقا همون بود
درست شد
Debug modeTo enable debug mode for the cPHulk service, run the following command:
touch /var/cpanel/hulkd/debug
Check the status of cPHulkTo check the status of the cPHulk service, run the ps aux | grep -i cphulk command. The system will return output that resembles the following example:
root 1501 0.0 0.4 34816 5076 ? S 07:58 0:00 cPhulkd - processor
Note:
In this example, the output indicates that cPHulk is enabled.


Restart the cPHulk daemon (cphulkd)To restart the cphulkd daemon, perform one of the following actions:


Use WHM API 1’s configureservice (https://documentation.cpanel.net/display/DD/WHM+API+1+Functions+-+configureservice) function to perform the restart, which also performs the necessary the Dovecot® service rebuild and restart. To do this, run the following commands:


1
2

whmapi1 configureservice service=cphulkd enabled=0 monitored=0
whmapi1 configureservice service=cphulkd enabled=1 monitored=1





Perform a soft restart, rebuild the Dovecot service, and restart the Dovecot service. To do this, run the following commands:


1
2
3

/scripts/restartsrv_cphulkd
/scripts/builddovecotconf
/scripts/restartsrv_dovecot





Perform a hard restart and force the system to flush the daemon’s memory, rebuild the Dovecot service, and restart the Dovecot service. To do this, run the following commands:


1
2
3

/scripts/restartsrv_cphulkd --stop; /scripts/restartsrv_cphulkd --start
/scripts/builddovecotconf
/scripts/restartsrv_dovecot





Disable cPHulkTo disable the cphulk daemon, perform one of the following actions:


Use WHM API 1’s configureservice (https://documentation.cpanel.net/display/DD/WHM+API+1+Functions+-+configureservice) function to disable the cPHulk service:
whmapi1 configureservice service=cphulkd enabled=0 monitored=0

Run the following commands:


1
2

/usr/local/cpanel/etc/init/stopcphulkd
/usr/local/cpanel/bin/cphulk_pam_ctl --disable





To disable the cPHulk service so that it remains offline, even after a restart of cPanel & WHM, perform the following steps at the command line:


Remove the cPHulk touch file with the following command:
rm /var/cpanel/hulkd/enabled

Edit the /etc/dovecot/dovecot.conf file and remove the following line:
auth_policy_server_url = http://127.0.0.1:579/dovecot-auth-polic

Rebuild Dovecot\’s configuration file and restart it with the following commands:


1
2

/scripts/builddovecotconf
/scripts/restartsrv_dovecot





Log filescPHulk stores its logs in the following files:


1
2

/usr/local/cpanel/logs/cphulkd.log
/usr/local/cpanel/logs/cphulkd_errors.log




IP address managementAdd IP addresses to the whitelistTo add IP addresses to the whitelist from the command line, run the /scripts/cphulkdwhitelist IP command, where IP represents the IP address or IP address range that you wish to add.
For example, to add the 192.168.0.20 IP address to the whitelist, run the following command:
/scripts/cphulkdwhitelist 192.0.2.0
Add IP addresses to the blacklistTo add IP addresses to the blacklist from the command line, run the /scripts/cphulkdblacklist IP command, where IP represents the IP address or IP address range that you wish to add.
For example, to add the 192.0.2.0 IP address to the blacklist, run the following command:
/scripts/cphulkdblacklist 192.0.2.0
Remove lockoutsIf the cPHulk service locks you out of your cPanel account, the /scripts2/doautofixer?autofix=disable_cphulkd script in WHM can disable cPHulk and allow you to log in.
For example, log in to WHM and navigate to https://www.example.com:2087/scripts2/doautofixer?autofix=disable_cphulkd, where www.example.com represents your server’s hostname.
If you enabled the Block IP addresses at the firewall level if they trigger brute force protection or the Block IP addresses at the firewall level if they trigger a one-day block options in WHM’s cPHulk Brute Force Protection (https://docsbeta.cpanel.net/whm/security-center/cphulk-brute-force-protection) interface (WHM >> Home >> Security Center >> cPHulk Brute Force Protection), remove the iptables rule that the system created. To do this, run the following command:
iptables -F cphulk && mysql -e "Delete from cphulkd.login_track;"
Note: