The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Broken Clients Compatibility - FTP Issue

Discussion in 'Security' started by hostkingco, May 1, 2014.

  1. hostkingco

    hostkingco Member

    Joined:
    Apr 25, 2014
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    US
    cPanel Access Level:
    DataCenter Provider
    Has anyone ever had to enable this option.

    We had a client that had major issues using Sublime Text 2. We have 100s of clients on this server and never received any reports of errors though I think most if not all of those customers use other FTP clients like FileZilla,etc.

    When this client connected it gave the following errors:

    [INFO] Can't change directory to /public_html/sites/all/themes/name/css/.sublb71.tmp: No such file or directory

    Almost list it's trying to upload "hidden" files or "temp" files.

    Also the firewall returned these:

    May 1 17:45:34 lin01 kernel: [962711.911934] nf_ct_ftp: dropping packetIN= OUT=eth0 SRC=1.1.1.1 DST=2.1.1.1 LEN=77 TOS=0x10 PREC=0x00 TTL=64 ID=60380 DF PROTO=TCP SPT=21 DPT=49828 SEQ=484437615 ACK=1412847626 WINDOW=114 RES=0x00 ACK PSH FIN URGP=0 OPT (0101080A393D82B5003D264F0101050A543658095436580A)

    I then enabled the above option called Broken Clients Compatibility in FTP Configuration which seemed to have helped? Any security issues or dangers in doing so?
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,723
    Likes Received:
    660
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    I have moved this thread to our "Security" sub-forum for discussion of any potential security impact when enabling this option. Note that I checked Pure-FTP's documentation, but I was unable to find any details on the exact changes enacted when enabling this option.

    Thank you.
     
  3. hostkingco

    hostkingco Member

    Joined:
    Apr 25, 2014
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    US
    cPanel Access Level:
    DataCenter Provider
    Anyone have any idea yet if there are any security risks with this option enabled?
     
  4. PbG

    PbG Well-Known Member

    Joined:
    Mar 11, 2003
    Messages:
    241
    Likes Received:
    0
    Trophy Points:
    16
    I am wondering this as well. Researching exactly what protocols are ignored with this option enabled are how I found this thread. I don't know why cPanel does not publish this information with the option?
     
  5. cPMelaniel

    cPMelaniel Technical Analyst Supervisor
    Staff Member

    Joined:
    Jun 25, 2013
    Messages:
    9
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Houston,Tx
    cPanel Access Level:
    Root Administrator
    'Broken Clients Compatibility' is an option provided from Pure-FTP and not directly from cPanel.
    I was unable to locate any documentation regarding the option, however there is a discussion on the mailing list of what the configuration actually does.

    'Re: [pure-ftpd] Question for "BrokenClientsCompatibility yes"' - MARC


    - Symbolic links are made up as real files or directories
    - The server insists on entering a password even when there's none for the
    anonymous user.
    - When there's no anonymous account, instead of replying "this account
    doesn't exist" when the client tries to use it, the server replies "of
    course it exists, go ahead" and then replies "oops no sorry it doesn't
    exist" after the next step, when a dummy password is received. This stupid
    behavior was required prior to IE8.
    - EPSV is disabled.

    If you are looking for further information regarding the option or the particular security issues or dangers, you may wish to contact Pure-FTP directly.

    I hope this helps!

    Thank you!
     
Loading...
Similar Threads - Broken Clients Compatibility
  1. jjvideo25
    Replies:
    4
    Views:
    63

Share This Page