our cpanel servers use two types of firewalls CSF/LFD which completely blocks an IP address from any access (including viewing web pages), and
"hulk" which just blocks logging in (to email, ftp, cpanel, prot dir, etc.)
from our (separate) support site server, we have JS to test and ascertain if the IP address the customer is viewing from is blocked via LFD (a long equation that tries to dis-ambiguate server down and slow server). Unfortunately there are no APIs that we can find to test for an IP being on the "deny" list, so this empirical method gets us 99% there, and is good enough for the effort expended.
However we've not been able to find a way to test for an IP being on the HULK (login) block list. (again, we cannot find any APIs that our support server can cURL-check an IP address).
Does anyone know of an (empirical) technique to test for Hulk blocking login from a given IP?
we've tried to think of a way to have a generic test account (that doesn't do anything or have any privs in case a hacker finds out about it), but cannot find a way to have a cURL to attempt login and determine success.
(there used to be a cPanel category in EE, but cannot find it any longer)