The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How to track the ip addresses using my FTP

Discussion in 'General Discussion' started by pradykris, Oct 14, 2009.

  1. pradykris

    pradykris Registered

    Oct 14, 2009
    Likes Received:
    Trophy Points:

    How can i track the ipaddress which are using my ftp? Can i restrict the ftp and cpanel access to a specific country or countries?
    One of my websites was used for phising attack, there was a folder with few php files which were added to my website, how can this be controlled in future. If somebody could guide me on what security measures i need to take to prevent this

  2. InstaCarma_Tech

    InstaCarma_Tech Well-Known Member

    Apr 22, 2009
    Likes Received:
    Trophy Points:
    You can use iptables to block access from specific ip(range) to the ftp and cPanel ports.

    As for security, there are n number of things that you might need to so it would be good if you hire a security expert or a system administrator. For a start, you can check basic things like :

    Permissions for folders should be 755 and files should be 644
    Move to SuPHP (if you are still not using that)
    Do not disclose your passwords to anyone or write them down anywhere. Keep changing them regularly..........
  3. cPanelDon

    cPanelDon cPanel Quality Assurance Analyst
    Staff Member

    Nov 5, 2008
    Likes Received:
    Trophy Points:
    Houston, Texas, U.S.A.
    cPanel Access Level:
    DataCenter Provider
    For restricting access from specific countries you would need to implement a firewall, such as an iptables-based (software) firewall if using CentOS/RHEL, or ipfw for FreeBSD.

    There are some "wrapper" scripts that help manage an iptables-based firewall, a few of which are listed in the following forums thread:

    Some common firewall scripts used with cPanel-based servers are APF and CSF, but both of these are third-party products and so you would need to contact their vendors or developers with any questions regarding them or support requests for them.

    Upon checking I see that "Config Server Firewall" (CSF) has a "country code blocking" feature to filter IP addresses associated with a specific country; I would check the vendor web sites to be sure of what all is or is not possible.

    For your convenience here are additional vendor web site links for reference:

    "Config Server Firewall" (CSF) can be found here:
    ConfigServer Security & Firewall
    ConfigServer Scripts Forum - Powered by vBulletin
    ConfigServer by Way to the Web
    Way to the Web Technical Support

    "Advanced Policy Firewall" (APF) can be found here:
    Advanced Policy Firewall | R-fx Networks

Share This Page