WHM includes a facility called cPHulk, designed to prevent bruteforce login attacks against your server. If a large number of failed logins occur against a particular account (e.g. "root") from any IP address, then all access to root becomes blocked for a period of time - potentially even via the local console.
If this has happened to you, here is how to workaround the problem:
- Log into mPanel Dashboard
- At the bottom of the screen (under the console), there is a selection for booting into your distribution or Finnix Recovery CD. Select Finnix and click Save.
- Wait for your cloud server to boot into Finnix, eventually you will see typical bash prompt and you are already logged in as root.
- Run the following commands (must be typed in, as you cannot paste into the dashboard console):
mount /dev/vda1 /mnt chroot /mnt /usr/local/cpanel/bin/cphulk_pam_ctl --disable exit poweroff
- When your server switches off, use the control at bottom of dashboard to change back to your distribution.
- Once your server has booted again, you should be able to access root as normal.
It is a good idea to create a reseller account in WHM with full access to all permissions; and then use that instead of root. Because the username will not be brute-forced by bots, you can then safely disable root login entirely.