When you try to login too many times to WHM with wrong password the VPS hosting server or dedicated server you will get this message:
Brute Force Protection
This account is currently locked out because a brute force attempt was detected. Please wait 10 minutes and try again. Attempting to login again will only increase this delay. If you frequently experience this problem, we recommend having your username changed to something less generic.
In such a case you can still login via SSH and fix the issue with cPanel's cphulk for a couple of minutes.
Before you do something may like to check what is tiggering the cPHulk lock.
cPHulk stores all the information in a MySQL database with name cphulkd. Two MySQL tables there are interesting: logins and brutes. The logins MySQL table has the login authentication failures and the brutes table has excessive authentication failures indicative of a brute force attack to your VPS hosting or dedicated server.
To view this MySQL tables and records in them do the following:
Login to the server via SSH as root.
[[email protected] ~]$ mysql
mysql> connect cphulkd
mysql> select IP, BRUTETIME from brutes order by BRUTETIME;
mysql> select IP, LOGINTIME FROM logins order by LOGINTIME;
When you see cPHulk bans and like to clear them from MySQL just use the following MySQL commands.
mysql> delete from brutes;
Query OK, 0 rows affected (0.00 sec)
mysql> delete from logins;
Query OK, 16 rows affected (0.00 sec)
After all this is finished you should have again cPanel/WHM access to your VPS hosting or dedicated server as root again.