Feature request / idea

Community forum to discuss cxs.
If you believe that there is a problem with your cxs installation and want support then, as a paid product, you should use the helpdesk after having consulted the documentation.
Post Reply
finder
Junior Member
Posts: 1
Joined: 14 May 2013, 14:14

Feature request / idea

Post by finder »

Hi,

Lately I have seen on cPanel servers alot of multi FTP hacks.

- Attacker logs in with FTP username/pass of cPanel account (from where these come no one knows)
- Attacker uploads files (shells/.htaccess spam links / mailers etc)
- Does this to most accounts on same server in short period of time.

Result: fast defacement of most/all sites on a server.

I would like to suggest a feature which:

Limits FTP access to a single IP address for X FTP username(s) in a 24 hour period. This way, an attacker cannot upload files to many usernames on the same server. Server owner could turn this feature on or off and specify how many usernames 1 unique IP can access in a 24 hour period.

Data could be stored in a flat file and cleared down nightly with a cron. I guess this would be easy to implement.

AND/OR

If more than X uploads of filename.Y in a period of X hours, block uploader and q'tine files.


Thoughts?

Post Reply