IP filtering and auto-banning
Two of the most important protective measures in your security arsenal are great reasons for choosing the Professional and Enterprise Editions of CompleteFTP. Auto-Banning is present in our Standard Edition but cannot be configured. IP Filtering and Auto-Banning are essential tools for protecting access, and for controlling who can and can’t access those all important files and documents. Keeping out unwanted visitors to your site has taken on an ever more pressing meaning, especially with the advent of increased hacking attempts. Auto-Banning and IP Filtering allow you to configure how strict you wish to make the connection process, and with CompleteFTP to help, you can’t go wrong.
Auto-Banning works by automatically banning IP addresses from connecting (for a pre-configured period of time) if they have failed to authenticate a certain number of pre-configured times within a pre-configured time period. In our Professional and Enterprise Editions, all of these factors, time period and number of connection attempts, are adjustable to suit you and to help you maintain control over your security.
You can even see the currently banned IP addresses in the monitoring tab of CompleteFTP (Professional and Enterprise Editions) allowing you to oversee the current security situation.
CompleteFTP has what is probably, one of the most flexible and configurable IP Filtering interfaces available with any File Transfer Server. If you avail yourself of our top Professional or Enterprise Editions, you can configure this filter to your heart’s content!
- Block connections from specific IP addresses (blacklisting)
- Accept connections only from specific IP addresses (whitelisting)
- Accept connections only from specific users at specific IP addresses
- Restrict some users to connect only from specific IP addresses
IP filters consist of a collection of rules. Each rule consists of a mask and an action. The mask specifies which IP addresses the rule pertains to and the action specifies what should be done. Each rule also has a scope that is either the entire site or a specific user. Rules are combined to filter incoming IP addresses. When a connection attempt is made, the rules are consulted to see if the remote IP address matches the rules, and the connection is dropped if it is determined that access should be denied. Each rule may optionally be associated with a user. If it is associated with a user then it applies only to that user. If it's not associated with a user then it applies to the entire site. Typically user-specific rules are used in the following scenarios:
- Restrict specific users to connect only from specific IP addresses while the other users can still connect from any IP addresses.
- Restrict some users to connect only from specific IP addresses for detailed instructions.
- Reject all connections except those that are from specific users on specific IP addresses.
Please refer to Step-by-step guide: Accept connections only from specific users at specific IP addresses for detailed instructions
With such flexibility at your fingertips, our Auto-Banning and IP Filtering options make our product number one for businesses looking to allow administrators the maximum scope to harden and secure their servers.
- Multiprotocol gateway
- Unlimited Windows and non-Windows users in all editions
- Windows domain Active Directory (AD) users
- Authentication via an external database
- SSO Single Sign On (SAML)
- Expiration of user accounts
- Folder tree listings (aka recursive directory listings)
- Authenticators via custom .NET extensions