Moct of the CP's used malformed syntax to deny IP's (there are many very old references in the archives to this).

Do you have an .htaccess file in the VPS root above all the domains and their directory structures?

Don't know about you specific panel features.

At VPS server level yes a htaccess will do the job, but it is better to use the htconfig file. Much more robust and manageable.

[httpd.apache.org...]

Thanks for the replies.

Do you have an .htaccess file in the VPS root above all the domains and their directory structures?

I've been nothing but a GUI VPS server admin, i.e., have never touched anything by command line.

I just examined all the GUI options and I cannot find a darned thing that will allow me to either view or alter a server level .htaccess OR .config file.

It appears I MAY be able to access the VPS's .htaccess and/or .config file but I first have to ask the NOC (@ ServInt) to enable SSH access. Once they do I'll still be a bit of a child lost in the dark and scarey forest. ;)

Suggestions?

Is this an Apache system? Presumably yes, since the words "config" and "htaccess" are floating around, but you never actually say. In most areas of Apache, everything is inherited. So behavior that happens at the top level (for everything living on the server) will trickle down to all lower levels (a single sub-subdirectory of one domain living on the same server).

If you really don't have the power to edit either the htaccess or the config file directly ... how dearly do you love your host in other respects? An htaccess file is either present or not; you can see it when you ftp-or-equivalent into your site.

When you change things via your GUI thingie, do changes take effect instantly? Someone will need to explain (to me, that is) how that works if there's no htaccess involved. You're not restarting the server every time you edit one thing are you?

I've been nothing but a GUI VPS server admin, i.e., have never touched anything by command line.

Apples and oranges. I won't touch command-line stuff with a barge pole if I can possibly help it. But Apache has a fairly shallow learning curve. So you can learn how to do one thing, and just do that one thing until you learn how to do a second thing.

I've been nothing but a GUI VPS server admin, i.e.,

have never touched anything by command line.

Neither keyplr or myself introduced this term, however and generally speaking htaccess or config are not edited via any commnand line methods.

how dearly do you love your host in other respects?

lucy,
it's not his host, rather he's an administrator with restricted access (see first quote), possible not even to htaccess or config.

Apache http server.

From the homepage of my root login to the VPS WHM control panel:

CENTOS 6.5 i686 virtuozzo – my
WHM 11.40.1

ServInt's docs suggest I can login for the purpose of making changes to config file:

[knowledgebase.servint.net ]

I guess the easier path to understanding "what's possible" (Can I alter .htaccess or .config?) may be to ask their NOC directly. I was hoping there was an answer to the question as initially posed:

Does IP Block at WHM BruteForce Level Filter Down to Unique Domains on VPS?

It would seem redundant to have to block IP addresses at multiple levels . . so I thought it possible that the block at the VPS level would "filter down" to effectively/automatically block the same IP ranges for any website I set up on the VPS with a seperate cPanel.

IF I use a blacklist to deny access to the server is that only a block to "logins as root" or does a WHM blacklist of IPs ALSO - or effectively - blacklist and block those same IP addresses from entering the server "by any means": acessing a separate hosted site's public_html, mail svcs, etc.

From cPanel documentation: [docs.cpanel.net ]

Overview

Brute force is an attack (hacking) method that involves using an automated system to guess the password to your web server or services. cPHulk provides protection against brute force attacks.

ALERT! Important: cPHulk will not protect POP3 or IMAP against IP-based brute force attacks if you use the Courier mailserver. Courier does not log the IP addresses of failed POP3 and IMAP logins.

cPHulk will protect POP3 and IMAP against brute force attacks if you use the Dovecot mailserver. Also, cPHulk will protect other services on any mailserver that you use against brute-force attacks.

Does IP Block at WHM BruteForce Level Filter Down to Unique Domains on VPS?

You need to know what your GUI actions turn into.

If your lockout request turns into something in a firewall, then it is physically impossible for affected requests to reach individual domains, because they're not allowed into the server at all.

If your lockout request turns into a line in the config file that says

Deny from 12.34.56.78

(this seems most likely to me) it will affect the entire server unless someone further down the line puts in an explicit exception.

If your lockout request turns into a pair of lines in config that say

RewriteCond %{REMOTE_ADDR} 12\.34\.56\.67
RewriteRule .? - [F]

then all bets are off because you need to know how the individual sites are set up.

The syntax is different in htaccess and htconfig.

Just speaking out loud more than anything... so if this post is considered off topic I certainly apologize and in no way am trying to distract from the OP's question.

But Wow! I couldn't imagine running a site without knowing Unix/Linux. I've seen cPanel and it's ilk - no thanks. I'll take the command prompt any day of the year. Much easier and faster. I will also freely admit that I must be old-school, because I still code by hand and enjoy it.

The syntax is different in htaccess and htconfig.

Where? I mean, where exactly, within the context of the present discussion?

I couldn't imagine running a site without knowing Unix/Linux.

What do you use them for?

Hand-rolled html is trivial; it's just a glorified word processor. You can do it without knowing a word of any programming language.