How to limit ftp access to few ip address

Support for security such as Firewalls and securing linux
Post Reply
formiche
Posts: 8
Joined: 2020/09/24 14:51:12

How to limit ftp access to few ip address

Post by formiche » 2020/11/16 18:42:41

Hi guys!
I have this problem: I have to limit ftp access only at few ip address but I don't know how to do that.
I found as solution to write a file .ftpaccess with the following directives:
HideFiles (\.ftpaccess|\.htaccess|\.htpasswd)$ user !u12345678
<Limit ALL>
IgnoreHidden on
</Limit>
or
<Limit ALL>
Order allow,deny
Deny from 12.34.56.78
Deny from 87.65.43.21
<Limit ALL>
Is it correct or I have to use firewall (I don't know how to relize the last way)?
Thanks!

Mic

User avatar
TrevorH
Site Admin
Posts: 33191
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: How to limit ftp access to few ip address

Post by TrevorH » 2020/11/16 18:54:38

What ftp server are you using? We supply vsftpd. To restrict access to that you need to use firewall rules - i.e iptables/nftables/firewalld.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

formiche
Posts: 8
Joined: 2020/09/24 14:51:12

Re: How to limit ftp access to few ip address

Post by formiche » 2020/11/16 19:32:07

I use vsftp service. So, to use firewall is the only way?
Thanks! I'll try with firewalld (already installed on my centos 8) and when I'll solve I'll post my solution.
Thank you very much!

Mic

User avatar
jlehtone
Posts: 4523
Joined: 2007/12/11 08:17:33
Location: Finland

Re: How to limit ftp access to few ip address

Post by jlehtone » 2020/11/17 07:14:44

The firewalld solution is to create a new zone.
Add the IP's that you want to allow as sources to that zone.
Allow in that zone the services/ports that you want those IP's to access.

Post Reply