Symptoms
On servers with Imunify360 installed and FTP brute-force protection enabled, regular FTP service failure notifications are received.
Notification The service “ftpd” appears to be down.
Service Check Method The system failed to connect to this service’s TCP/IP port.
The specific failure in the notification will likely be authentication related:
>> USER __cpanel__service__auth__ftpd__$session-id
<< 331 User __cpanel__service__auth__ftpd__$session-id OK. Password required
>> PASS EXAMPLE_PASSWORD
<< 530 Login authentication failed
ftpd: ** [530 Login authentication failed !=3D 2]
: Died
Description
Imunify360's FTP brute-force protection feature can cause regular FTP service failure notifications. CloudLinux is tracking this issue in their internal case DEF-14750. The Imunify360 blog will be updated once a fix has been published.
We've opened an internal case for our development team to investigate this further. For reference, the case number is UPS-274. Follow this article to receive an email notification when a solution is published in the product.
Workaround
This issue has been updated as of Imunify360 version 5.5. To update to the latest version of Imunify360, run the following command as root depending on your operating system:
CentOS 7:
yum update imunify360-firewall
AlmaLinux / RockyLinux / CloudLinux 8 or 9:
dnf update imunify360-firewall
Ubuntu:
apt update imunify360-firewall
The FTP brute-force protection feature can be enabled or disabled as needed by following these instructions:
- Log into WHM
- Open the Imunify360 plugin interface
- Open Settings with the gear
icon
- Under General, uncheck "FTP brute-force attack protection"
- Click "Save Changes"
Comments
0 comments
Article is closed for comments.