RE: how to disable plain ftp when server is configured with explicit ftp
This is how I do it - I have the server listening on both an internal and external interface and check that download attempts on the external one are secure before allowing it. The internal interface is plain FTP: public FtpletResult onDownloadStart(FtpSession session, FtpRequest request) throws FtpException, IOException { if (isExternalInterface(session) && ! isSecureConnection(session)) { //security issue, either the control or data port is unsecure LOG.error("About to start a download, but either the control or data connection is unsecure. Download aborted."); writeMessage(session, FtpReply.REPLY_550_REQUESTED_ACTION_NOT_TAKEN, "Session is not secure. Issue PROT P command first."); return FtpletResult.SKIP; } private boolean isSecureConnection(FtpSession session) { return (session.isSecure() && session.getDataConnection().isSecure()); } Best Regards, Gary Bell
Re: how to disable plain ftp when server is configured with explicit ftp
Just to be clear since I am new to the product are you suggesting the following - In FTPLet.onConnect method, check the FtpSession.isSecure and decide to allow or not? On Wed, Feb 6, 2019 at 11:10 PM David Latorre wrote: > from the top of my head, I think there's an isSecure() method you can use > in a FTPLet... > > El mié., 6 feb. 2019 a las 11:30, Chandrashekhar H S > () escribió: > > > Hi, > > > > Is it possible to disable plain-ftp connections when the apache ftp > server > > is configured to work with explicit-ssl? > > > > Thanks, > > Chandrashekar > > >
Re: how to disable plain ftp when server is configured with explicit ftp
from the top of my head, I think there's an isSecure() method you can use in a FTPLet... El mié., 6 feb. 2019 a las 11:30, Chandrashekhar H S () escribió: > Hi, > > Is it possible to disable plain-ftp connections when the apache ftp server > is configured to work with explicit-ssl? > > Thanks, > Chandrashekar >