The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

I need to limit FTP access for a user to a specific IP.

Discussion in 'General Discussion' started by carock, Aug 14, 2007.

  1. carock

    carock Well-Known Member

    Joined:
    Sep 25, 2002
    Messages:
    232
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    St. Charles, MO
    I had one of my customer's web sites hacked with the mysterious FTP login to change their web site.

    The informed me that the site will never be changed from anywhere other than the static IP they have.

    does anyone know if it's possible to limit FPT login for a specific user so they are only allowed from certain IP's or IP?

    I'm running ProFTP on this server, and PureFTP on others.

    Thanks,
    Chuck
     
  2. jayh38

    jayh38 Well-Known Member

    Joined:
    Mar 3, 2006
    Messages:
    1,215
    Likes Received:
    0
    Trophy Points:
    36
    The should first change their passwords and you could then setup cphulk or get more protection using CSF and counter anyone trying to guess their password access and ban after 3 attempts.

    Setup mod security as well. These are all basic things that would stop most problems like this, especially the brute force method of gaining access.
     
  3. carock

    carock Well-Known Member

    Joined:
    Sep 25, 2002
    Messages:
    232
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    St. Charles, MO
    I have most of that in place already, but the client side was compromised with keylogger trojan, and there are no password failures, only successes from various IP's.

    Thanks for your suggestions though, they are good.

    Chuck
     
Loading...

Share This Page