RE: how to disable plain ftp when server is configured with explicit ftp

Gary Bell Fri, 08 Feb 2019 01:29:22 -0800

This is how I do it - I have the server listening on both an internal and 
external interface and check that download attempts on the external one are 
secure before allowing it. The internal interface is plain FTP:


public FtpletResult onDownloadStart(FtpSession session, FtpRequest request) 
throws FtpException, IOException {
                
                if (isExternalInterface(session) && ! 
isSecureConnection(session)) {
                        //security issue, either the control or data port is 
unsecure
                        LOG.error("About to start a download, but either the 
control or data connection is unsecure. Download aborted.");
                        writeMessage(session, 
FtpReply.REPLY_550_REQUESTED_ACTION_NOT_TAKEN, "Session is not secure. Issue 
PROT P command first.");
return FtpletResult.SKIP;
                }


private boolean isSecureConnection(FtpSession session) {
                return (session.isSecure() && 
session.getDataConnection().isSecure());
                
        }

Best Regards,
Gary Bell

RE: how to disable plain ftp when server is configured with explicit ftp

Reply via email to