Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

I need to limit FTP access for a user to a specific IP.

Discussion in 'General Discussion' started by carock, Aug 14, 2007.

  1. carock

    carock Well-Known Member

    Joined:
    Sep 25, 2002
    Messages:
    245
    Likes Received:
    4
    Trophy Points:
    168
    Location:
    St. Charles, MO
    I had one of my customer's web sites hacked with the mysterious FTP login to change their web site.

    The informed me that the site will never be changed from anywhere other than the static IP they have.

    does anyone know if it's possible to limit FPT login for a specific user so they are only allowed from certain IP's or IP?

    I'm running ProFTP on this server, and PureFTP on others.

    Thanks,
    Chuck
     
    #1 carock, Aug 14, 2007
  2. jayh38

    jayh38 Well-Known Member

    Joined:
    Mar 3, 2006
    Messages:
    1,215
    Likes Received:
    0
    Trophy Points:
    166
    The should first change their passwords and you could then setup cphulk or get more protection using CSF and counter anyone trying to guess their password access and ban after 3 attempts.

    Setup mod security as well. These are all basic things that would stop most problems like this, especially the brute force method of gaining access.
     
    #2 jayh38, Aug 14, 2007
  3. carock

    carock Well-Known Member

    Joined:
    Sep 25, 2002
    Messages:
    245
    Likes Received:
    4
    Trophy Points:
    168
    Location:
    St. Charles, MO
    I have most of that in place already, but the client side was compromised with keylogger trojan, and there are no password failures, only successes from various IP's.

    Thanks for your suggestions though, they are good.

    Chuck
     
    #3 carock, Aug 15, 2007
(You must log in or sign up to post here.)
Loading...
Similar Threads - need limit access
  1. Amperzand

    Need to change Website Title within code

    Amperzand, May 17, 2018, in forum: General Discussion
    Replies:
    4
    Views:
    81
    Infopro
    May 17, 2018
  2. celiac101

    Is Symlink Race Condition Protection Needed on a Non-Shared Server?

    celiac101, May 17, 2018, in forum: Security
    Replies:
    4
    Views:
    119
    celiac101
    May 21, 2018
  3. Arkaic

    Check if server needs a restart via SSH?

    Arkaic, May 17, 2018, in forum: General Discussion
    Replies:
    1
    Views:
    86
    cPanelLauren
    May 18, 2018
  4. RoboticPuppies

    Need advice about malware on server

    RoboticPuppies, Apr 30, 2018, in forum: Security
    Replies:
    8
    Views:
    166
    RoboticPuppies
    May 3, 2018
  5. Spork Schivago

    Need help Setting up more than one DMARC record.

    Spork Schivago, Apr 29, 2018, in forum: Bind/DNS/Nameserver
    Replies:
    8
    Views:
    146
    Spork Schivago
    May 4, 2018

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice