limit FTP access by specific Remote Access IPs for specified ftpuser
ipconfig 220.127.116.11 on Cento 5.4 - all works
some websites created and relative ftp accounts.
is there a way to limit FTP access by specific Remote Access IPs
only for specified ftpuser account ?
(i believe is not present this option inside ispconfig panel, only for phpmyadmin access)
in other Centos server i use proftpd and i have to configure the proftpd.conf file in order to do this..
i was wondering how to do the same thing inside this ISPconfig environment
that i know it does not use proftpd ftp server.
thanks in advance.
I'am not aware of such an option in pure-ftpd. But you might be able to limit access to ftp with iptables.
however, i am almost sure that if i'd use iptables (so a firewall)
i would limit by specific external IP the entire ftp protocol for all ftpusers and not for a single one..:rolleyes: (since the configured ip is only one onto ispconfig server)
i'll look for a solution tweaking the pure-ftpd configuration..
perhaps know how to do, can be useful for others:
looking inside: /etc/pure-ftpd/pureftpd-mysql.conf
it seems configuration can be "enhanced" in order to take in consideration
the source IP connected to the ftp server.
# In the following directives, parts of the strings are replaced at
# run-time before performing queries :
# \L is replaced by the login of the user trying to authenticate.
# \I is replaced by the IP address the user connected to.
# \P is replaced by the port number the user connected to.
# \R is replaced by the IP address the user connected from.
# \D is replaced by the remote IP address, as a long decimal number.
# Very complex queries can be performed using these substitution strings,
# especially for virtual hosting.
i think changing the actual queries configured adding the following statement:
"AND Status="1" AND (Ipaddress = "*" OR Ipaddress LIKE "\R")"
can achieve the result..
but in the ispconfig mysql db should be added an extra column called "ipaddress" inside the ftp_user table..and put there the desired IP who can connect from to that specified user..
|All times are GMT +2. The time now is 09:59.|
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.