Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Thread Tools Display Modes
Old 12th May 2008, 20:59
sagor sagor is offline
Junior Member
Join Date: Apr 2008
Posts: 22
Thanks: 5
Thanked 1 Time in 1 Post
Default Where to set max login for Proftpd?

I've noticed some "undesirables" trying to login to my ISP machine via FTP, and after 3 attempts him (or her?) gets locked out.
1) How long does it block the same IP from re-attempts? Can it be set?
2) Is there a way to add failed login attempt IP's to the firewall automatically?
3) Where can I set # login attempts for proftpd - seems to be somewhere in other database or config files?


PS. I now have successfully got ISPConfig on perfect Hardy Heron working, with about 5 web sites with external DNS names. I've retired my IIS server and put Linux online. Not bad for a newbie lol... only took me 3 weeks
All this thanks mostly from help in this forum...keep up the good work guys.
Reply With Quote
Sponsored Links
Old 13th May 2008, 15:43
falko falko is offline
Super Moderator
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,751 Times in 2,581 Posts

Is it possible that you're using fail2ban, DenyHosts, or Blockhosts and have locked out yourself?
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
Old 13th May 2008, 16:28
sagor sagor is offline
Junior Member
Join Date: Apr 2008
Posts: 22
Thanks: 5
Thanked 1 Time in 1 Post

It's not myself that is the issue, everything is working fine, including proftpd. I can also ftp from the outside world just fine

What I was referring to was that outside "hackers" were trying to FTP to my site, and tried to log in 3 times before the system (proftpd) did a "locked out" for that attempt. I do NOT allow any anonymous FTP. I wanted more detail on where those lock out parameters are set. Proftpd is behaving properly, and that user was unwanted, I just wanted the details of the Proftpd settings, and how ISPConfig controls it (if at all)

I wanted to know where this "lock out" attempts is set. Currently my system is just the "Pefect server Ubuntu 8.04" with ISPConfig and 5 web sites, nothing else added except ddclient and phpBB3...

I keep an active eye on hacking attempts. My "real" firewall is a Mikrotik router at the WAN side, nothing on the "Perfect Server", though I would entertain the though of adding firewall rules to iptables or something (but Mikrotik router has hundreds of rules already...)

So, the basic question is: where/how can I review/modify the behaviour of Proftpd, in particular the login attempts and lockouts (like setting it to 2 instead of 3, and setting lockout time to a long time)


PS, I did find the parameter for Maxloginattempts in the Proftpd website (default is 3) that goes into proftpd.conf:

But no info yet on how to control the "lockout" period.

Last edited by sagor; 13th May 2008 at 16:49.
Reply With Quote


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Webmail problems with only one domain? compner Installation/Configuration 14 16th February 2010 17:59
Advice on how to setup Lintrack As A LAN Gateway And An OpenVPN Bridge eddiequek HOWTO-Related Questions 0 12th July 2007 11:38
Transaction error Perfect FC6 setup ACDII HOWTO-Related Questions 1 6th July 2007 15:56
Unable to authenticate to SMTP server ashkev Installation/Configuration 15 6th February 2007 18:46
newbie ububtu 6.0.6 error PHP binary line 816 davidsky73 Installation/Configuration 8 17th September 2006 12:51

All times are GMT +2. The time now is 04:12.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.