block from whm/cpanel

[dvk01]

se https://forums.cpanel.net/threads/docum ... pl.592991/

it looks like there is a "new" exploit affecting Cpanel servers
How can an IP gain access to Cpanel /whm without logging in

is there some setting in CSF that I can tweak to block this

[dvk01]

or are they actually being blocked ( I think I see 401 errors in the corresponding logs ) but Cpanel is reporting a non existent problem

[dvk01]

CF has a 403 / 404 block can we consider a 401 block as well please.
too many 401 attempts is a sign of server attack