Sometimes, because of the Brute Force Attack we are unable to login to WHM if we are using correct details also. Then at that time try using below method.
Login to server via SSH.
Connect with mysql database using mysql command. It will show below output.
root@testserver [/var/log]# mysql
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 172123
Server version: 5.1.65-cll MySQL Community Server (GPL)Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the current input statement.
mysql>
Then type show databases commands in mysql it will show all databases.
mysql> show databases;
+——————–+
| Database |
+——————–+
| information_schema |
| cphulkd |
| eximstats |
| horde |
| leechprotect |
| logaholicDB_test |
| modsec |
| mysql |
| roundcube |
+——————–+
9 rows in set (0.00 sec)
Then go to cphulkd database using below command.
mysql> use cphulkd;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -ADatabase changed
Now, it’s time to show tables.
mysql> show tables;
+——————-+
| Tables_in_cphulkd |
+——————-+
| auths |
| blacklist |
| brutes |
| good_logins |
| logins |
| report |
| whitelist |
+——————-+
7 rows in set (0.00 sec)
You can take backup of tables using below command
mysql>BACKUP TABLE `brutes` TO ‘/path/to/backup/directory’;
Run below command to check your IP is blocked in CPHulk Brute Froce database. Replace xxx.xxx.xxx.xxx with your IP
mysql> SELECT * FROM `brutes` WHERE `IP`=’xxx.xxx.xxx.xxx’;
Run below command to remove IP from database
mysql> DELETE FROM `brutes` WHERE `IP`=’xxx.xxx.xxx.xxx’;
Also, check IP in login table also by running the below command
mysql> SELECT * FROM ‘logins’ WHERE ‘IP’ =’xxx.xxx.xxx.xxx’;
Remove the IP from login table using below command.
mysql> DELETE FROM ‘logins’ WHERE ‘IP’ =’xxx.xxx.xxx.xxx’;
OR
You can use below method to clear brutes and login tables. Please note it will remove all the IP’s from database.
Now empty some tables by giving the below commands.
mysql> DELETE FROM brutes;
Query OK, 60 rows affected (0.00 sec)mysql> DELETE FROM logins;
Query OK, 34 rows affected (0.00 sec)
9 rows in set (0.00 sec)