The default firewall that comes with Linux is “iptables”, and you can use it to block FTP access (port 21) on your server.
Completely block FTP access on the server:
# iptables -A INPUT -p tcp --dport 21 -j DROP
Block FTP access for a specific IP address, say 11.12.13.14:
# iptables -A INPUT -p tcp -s 11.12.13.14 --dport 21 -j DROP
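Block FTP access for a specific subnet. This command uses -I, which inserts the rule at the top of the chain, whereas -A in the commands above appends it to the end, after any rules already present: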
# iptables -I INPUT -p tcp -s 11.12.13.0/24 --dport 21 -j DROP
Make sure you save the iptables rules, or they will be erased after an iptables or server restart:
# service iptables save
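iptables stops at the first rule that matches a packet, so a DROP appended with -A has no effect if an earlier rule already accepts port 21. The following check is an added example, not part of the original post: the function name `ftp_block_status` and both sample rulesets are constructed for illustration, and the simplifications it makes are listed in its comments.

```shell
#!/bin/sh
# Added example: decide whether new TCP/21 connections from any source are
# dropped by INPUT. Reads `iptables -S INPUT` / iptables-save rules on stdin.
# Simplifications (assumptions): rules limited by -s, -i or a state/conntrack
# match are skipped, and jumps to user-defined chains are not followed.
ftp_block_status() {
    awk '
    function covers21(spec,   n, parts, k, r) {
        n = split(spec, parts, ",")
        for (k = 1; k <= n; k++) {
            if (split(parts[k], r, ":") == 2) {
                if (r[1] + 0 <= 21 && 21 <= r[2] + 0) return 1
            } else if (parts[k] + 0 == 21) return 1
        }
        return 0
    }
    $1 == "-A" && $2 == "INPUT" {
        proto = ""; dport = ""; target = ""; skip = 0
        for (i = 3; i <= NF; i++) {
            if ($i == "-p") proto = $(i + 1)
            else if ($i == "--dport" || $i == "--dports") dport = $(i + 1)
            else if ($i == "-j") target = $(i + 1)
            else if ($i == "-s" || $i == "-i" || $i == "--state" || $i == "--ctstate") skip = 1
        }
        if (skip) next
        if (proto != "" && proto != "tcp") next      # e.g. udp, icmp
        if (dport != "" && !covers21(dport)) next    # some other port
        if (target == "DROP" || target == "REJECT") { print "blocked"; done = 1; exit }
        if (target == "ACCEPT") { print "open"; done = 1; exit }
    }
    END { if (!done) print "undecided" }   # falls through to the chain policy
    '
}

# Constructed sample: an earlier ACCEPT for port 21 shadows the appended DROP.
SHADOWED='-P INPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m multiport --dports 20,21,22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 21 -j DROP'

# Constructed sample: the DROP sits ahead of the ACCEPT, as -I would place it.
EFFECTIVE='-P INPUT ACCEPT
-A INPUT -p tcp -m tcp --dport 21 -j DROP
-A INPUT -p tcp -m multiport --dports 20,21,22 -j ACCEPT'

printf '%s\n' "$SHADOWED"  | ftp_block_status   # prints "open"
printf '%s\n' "$EFFECTIVE" | ftp_block_status   # prints "blocked"
```

On a live host, pipe the output of `iptables -S INPUT` (run as root) into the function instead of the sample strings.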
The CSF firewall uses iptables in the background to apply its rules. To block FTP with CSF, edit the CSF configuration file:
# pico /etc/csf/csf.conf
Remove port 21 from the TCP_IN list and restart the CSF firewall:
# csf -r
To block FTP access for a specific IP address, edit the csf.deny file:
# pico /etc/csf/csf.deny
and add the following line:
tcp:in:d=21:s=11.12.13.14
Save the file and restart the csf firewall.
