(dv):FTP connection limits

  • This page was last modified on November 30, 2010, at 18:32.
The (mt) Community Wiki is a collaborative project. Any (mt) Media Temple customer or employee may contribute. Not all articles and/or content have been tested for accuracy by (mt) Media Temple.

For officially moderated and tested articles, be sure to visit our KnowledgeBase.

Results

You will limit the number of simultaneous FTP connections to your server. By default, the number of simultaneous FTP connections is unlimited.

This article shows how to make high-level configuration changes to your server. (mt) Media Temple does not support custom server configurations for the (dv) Dedicated-Virtual Server. We suggest that you back up your server before making configuration changes.

Instructions

  1. Log in to your server as root or a sudo user via SSH.
  2. Open your FTP configuration file for editing:
    vi /etc/proftpd.conf
    
  3. Add your desired configuration changes after the AuthGroupFile /etc/group line. In this example, we will limit the maximum number of simultaneous FTP connections overall to 30, and the maximum from any single IP address to 1. Please work with your system administrator to customize these numbers for your system.
    proftpd.conf
    ...
    
    AuthGroupFile   /etc/group
    
    MaxClients 30
    MaxClientsPerHost 1 "Sorry, you may connect only once from this IP."
    
    Include /etc/proftpd.include
    
    • MaxClients - the maximum number of simultaneous FTP connections to the server.
    • MaxClientsPerHost - the maximum number of simultaneous FTP connections from a single IP address, followed by a custom error message. A user who tries to connect twice from the same IP will receive this error: 530 Sorry, you may connect only once from this IP.

    Follow this format for any parameter:

    1. List the limit name: MaxClientsPerHost
    2. After a space, set the number of connections: MaxClientsPerHost 1
    3. Optionally, after another space, compose a custom error message, inside double quotation marks: MaxClientsPerHost 1 "Sorry, you may connect only once from this IP."

    You may also want to include some additional limits:

    • MaxClientsPerUser - the maximum number of simultaneous FTP connections with a specific username.
    • MaxLoginAttempts - the number of times a user can retry after a failed login attempt.

    Finally, save your changes.

    vi tip: Press "i" to enter "insert mode" so you can type and copy/paste. Press "Esc" to exit "insert mode" when you are done modifying the file. Type ":wq" to save and quit.

  4. Restart the FTP service on your server:
    /etc/init.d/xinetd restart
    

That's it. Users going over these connection limits should now receive an error message, and be unable to connect.
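
Steps 2 and 3 can be scripted so that the edit keeps a backup and is safe to re-run. The following is an added example, not part of the original article: the function names are hypothetical, and the config written by make_sample is constructed for a dry run.

```shell
#!/bin/sh
# Added example, not from the original article. Function names are hypothetical;
# the directives and values are the ones used in step 3.
LIMITS='MaxClients 30
MaxClientsPerHost 1 "Sorry, you may connect only once from this IP."'
export LIMITS

# Print the last value set for a directive; commented-out lines do not match.
get_limit() {  # usage: get_limit FILE DIRECTIVE
    awk -v d="$2" '$1 == d { v = $2 } END { if (v != "") print v }' "$1"
}

# Insert $LIMITS after the first AuthGroupFile line, keeping a .bak copy.
# Does nothing if either directive is already set, so it is safe to re-run.
apply_limits() {  # usage: apply_limits FILE
    conf=$1
    grep -q '^[[:space:]]*AuthGroupFile[[:space:]]' "$conf" || {
        echo "no AuthGroupFile line in $conf" >&2; return 1; }
    if [ -n "$(get_limit "$conf" MaxClients)" ] ||
       [ -n "$(get_limit "$conf" MaxClientsPerHost)" ]; then
        echo "limits already set in $conf; leaving it unchanged" >&2
        return 0
    fi
    cp -p "$conf" "$conf.bak" || return 1
    awk '{ print }
         /^[[:space:]]*AuthGroupFile[[:space:]]/ && !done {
             print ""; print ENVIRON["LIMITS"]; done = 1 }' "$conf.bak" > "$conf"
}

# Report every limit this article mentions; a directive not in the file is UNSET.
audit_limits() {  # usage: audit_limits FILE
    for d in MaxClients MaxClientsPerHost MaxClientsPerUser MaxLoginAttempts; do
        v=$(get_limit "$1" "$d")
        echo "$d=${v:-UNSET}"
    done
}

# Constructed sample config, for trying the functions away from the server.
make_sample() {  # usage: make_sample FILE
    printf '%s\n' 'ServerName "example"' '#MaxClients 5' \
        'AuthGroupFile   /etc/group' '' 'Include /etc/proftpd.include' > "$1"
}
```

On the server, source the script and run apply_limits /etc/proftpd.conf as root, check the result with proftpd -t, then restart xinetd as in step 4.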

References

For a full list of possible ProFTPD directives, please visit the ProFTPD website.