Page 1 of 1

How to limit ftp access to few ip address

Posted: 2020/11/16 18:42:41
by formiche
Hi guys!
I have this problem: I have to limit ftp access only at few ip address but I don't know how to do that.
I found as solution to write a file .ftpaccess with the following directives:
HideFiles (\.ftpaccess|\.htaccess|\.htpasswd)$ user !u12345678
<Limit ALL>
IgnoreHidden on
</Limit>
or
<Limit ALL>
Order allow,deny
Deny from 12.34.56.78
Deny from 87.65.43.21
<Limit ALL>
Is it correct or I have to use firewall (I don't know how to relize the last way)?
Thanks!

Mic

Re: How to limit ftp access to few ip address

Posted: 2020/11/16 18:54:38
by TrevorH
What ftp server are you using? We supply vsftpd. To restrict access to that you need to use firewall rules - i.e iptables/nftables/firewalld.

Re: How to limit ftp access to few ip address

Posted: 2020/11/16 19:32:07
by formiche
I use vsftp service. So, to use firewall is the only way?
Thanks! I'll try with firewalld (already installed on my centos 8) and when I'll solve I'll post my solution.
Thank you very much!

Mic

Re: How to limit ftp access to few ip address

Posted: 2020/11/17 07:14:44
by jlehtone
The firewalld solution is to create a new zone.
Add the IP's that you want to allow as sources to that zone.
Allow in that zone the services/ports that you want those IP's to access.