This is most likely cPHulk at work, which works to protect your cPanel installation from being accessed by malicious individuals. For example, if the attacker tries to brute force your root password, cpHulk will disable login for the root account and you won't be able to login to your WHM or SSH, even if you input the correct password.
Full documentation can be found here:
https://documentation.cpanel.net/display/ALD/cPHulk+Brute+Force+ProtectionTo solve this, just reboot your VPS, and then login via the root user on SSH and run this command to disable cpHulk: /usr/local/cpanel/bin/cphulk_pam_ctl --disable
We suggest you to install CSF (
http://www.configserver.com/cp/csf.html - a much better firewall with brute force protection).
To install CSF, please refer to
http://download.configserver.com/csf/install.txt or open a ticket and we'll install and configure it for you for a $5 admin fee.
Add to Favourites 
Print this Article