Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

I need to limit FTP access for a user to a specific IP.

Discussion in 'General Discussion' started by carock, Aug 14, 2007.

  1. carock

    carock Well-Known Member

    Joined:
    Sep 25, 2002
    Messages:
    232
    Likes Received:
    1
    Trophy Points:
    168
    Location:
    St. Charles, MO
    I had one of my customer's web sites hacked with the mysterious FTP login to change their web site.

    The informed me that the site will never be changed from anywhere other than the static IP they have.

    does anyone know if it's possible to limit FPT login for a specific user so they are only allowed from certain IP's or IP?

    I'm running ProFTP on this server, and PureFTP on others.

    Thanks,
    Chuck
     
    #1 carock, Aug 14, 2007
  2. jayh38

    jayh38 Well-Known Member

    Joined:
    Mar 3, 2006
    Messages:
    1,215
    Likes Received:
    0
    Trophy Points:
    166
    The should first change their passwords and you could then setup cphulk or get more protection using CSF and counter anyone trying to guess their password access and ban after 3 attempts.

    Setup mod security as well. These are all basic things that would stop most problems like this, especially the brute force method of gaining access.
     
    #2 jayh38, Aug 14, 2007
  3. carock

    carock Well-Known Member

    Joined:
    Sep 25, 2002
    Messages:
    232
    Likes Received:
    1
    Trophy Points:
    168
    Location:
    St. Charles, MO
    I have most of that in place already, but the client side was compromised with keylogger trojan, and there are no password failures, only successes from various IP's.

    Thanks for your suggestions though, they are good.

    Chuck
     
    #3 carock, Aug 15, 2007
(You must log in or sign up to post here.)
Loading...
Similar Threads - need limit access
  1. jndawson

    Need two domain lists! at bin/autossl_check.pl line 870.

    jndawson, Oct 18, 2017 at 3:35 PM, in forum: Security
    Replies:
    1
    Views:
    98
    cPWilliamL
    Oct 19, 2017 at 1:06 PM
  2. IndicHosts.net

    Need to disable http2 on a domain

    IndicHosts.net, Oct 6, 2017, in forum: Workarounds and Optimization
    Replies:
    3
    Views:
    164
    IndicHosts.net
    Oct 13, 2017
  3. ladydi711

    cPanel server migration - need to transfer zones without cPanel accounts

    ladydi711, Sep 29, 2017, in forum: General Discussion
    Replies:
    2
    Views:
    121
    cPanelMichael
    Oct 2, 2017
  4. Joe Joe

    SMTP details needed

    Joe Joe, Sep 13, 2017, in forum: E-mail Discussions
    Replies:
    1
    Views:
    83
    cPanelMichael
    Sep 13, 2017
  5. electric

    Do I need to specify "INBOX" as root folder path?

    electric, Sep 8, 2017, in forum: E-mail Discussions
    Replies:
    5
    Views:
    170
    cPanelMichael
    Sep 12, 2017

Share This Page