Host Access Control

keat63

• February 07, 2017 13:01

I have a dynamic IP at home which of course occasionally changes. Today, Host access control allowed me to login to FTP, even though my IP isn't white listed. The last entry in HAC is ALL ALL deny How did this happen?? Successful Login as "user-acc" from an Unknown Network Domain: mydomain.com Service: pure-ftpd Local IP Address: xxx.xxx.xxx.xxx Local Port: 21 Remote IP Address: x.xx.xx.xx Authentication Database: system Username: user-acc Known Network ": No ?

• 

  keat63

  • February 07, 2017 18:29

  I found this ProFTPD Configuration for Host Access Control - cPanel Knowledge Base - cPanel Documentation A little concerning that we have to jump through hoops to protect ourselves. Surely this should be built in.

  0
• 

  keat63

  • February 08, 2017 10:48

  So I toyed with my FTP server selection last night, and now I remember why I switched from proftp to Pure-ftp. Proftp is constantly echoing to var/log/messages. Feb 8 11:25:53 proftpd[17111]: xxx.xxx.xxx.xx (127.0.0.1[127.0.0.1]) - FTP session opened. Feb 8 11:25:53 proftpd[17111]: xxx.xxx.xxx.xx (127.0.0.1[127.0.0.1]) - FTP session closed. I switched to Pure-ftp to stop this from happening.

  0
• 

  cPanelMichael

  • February 10, 2017 15:54

  Hello, Pure-FTP does not support TCP wrappers, and thus won't work with the /etc/hosts.allow file on the system ("WHM >> Host Access Control" is simply a UI for this system file). Do you utilize a firewall management utility such as CSF? If so, a common workaround is to close port 21 in the CSF configuration, and then whitelist the IP addresses that require FTP access. Thank you.

  0
• 

  keat63

  • February 10, 2017 16:06

  I never thought of that

  0

Please sign in to leave a comment.