Adding mod_ban to proftpd

8 posts / 0 new
Last post
#1 Wed, 11/05/2008 - 09:03

Adding mod_ban to proftpd


I am suggesting to enable mod_ban ( ) on proftpd for controlling the Brutal Attack which is coming through FTP. It is just and update of the RPM for proftpd. Can you please give me your idea about that ?


Sun, 11/16/2008 - 14:41

Agree... I had constant FTP attacks, and the new proftpd with built in mod_ban stops them cold. With proftpd 1.32 pr newer just select the mod_ban compile option and then add this or something like it to the proftpd config file:

BanEngine on
BanLog /var/log/proftpd/ban.log
BanTable /var/data//proftpd/
BanOnEvent MaxLoginAttempts 2/00:10:00 01:00:00

I would propose to Joe something like this be the default.


[edit: this was a FREEBSD & VMPro install via install script. Update all the ports first before . Make sure all directories exist and are writeable by proftpd]<br><br>Post edited by: SteveAcup, at: 2008/11/16 14:44

Sun, 11/16/2008 - 15:26 (Reply to #2)

Debian etch does not have mod_ban -- only a few distros actually have this module so in the end Joe/Jamie would have to support this in there own repo's. It's a great mod and I use it for my mandriva desktop. Shame that debian has failed to include this.

Sun, 11/16/2008 - 16:23 (Reply to #3)
Joe's picture

I'd prefer the default be not using FTP, at all. SSH has an excellent FTP protocol, which most FTP clients support, and the security history of OpenSSH is excellent. ;-)

I'll look into mod_ban...but I won't make any promises. As Scott mentioned, if it isn't a standard module, it requires a serious investment of resources to create and maintain the packages.


Check out the forum guidelines!

Sun, 11/16/2008 - 18:00 (Reply to #4)

I wouldn't bother with it -- researching for any debian packages comes up with nothing except for a 1 old version of proftpd and mod_ban... 1.2.1 and .4.5 so its not worth it unless you do a complete rebuild for debian etch.

Sat, 12/06/2008 - 11:33 (Reply to #5)


As I can see you are already building your own package for CentOS proftpd, not default package ( mine is proftpd-1.2.10-9.vm ) . For sure it should be easy to just include the mod_ban compile time enviroment to the spec file and that's all. As steve mentioned it is already included in the new version of proftpd.


Fri, 09/25/2009 - 08:54 (Reply to #6)

Ping on this topic: Any further consideration of adding this or at least updating the vm version of proftpd to V1.3.2 ?

Fri, 09/25/2009 - 09:02 (Reply to #7)

For banning, you might be better off using a tool that monitors either PAM, or log messages, and sets a system-wide ban rather than just on FTP. Both because it's more secure, and because ProFTP's mod_ban module is non-standard, making it difficult to maintain :-)

As far as the ProFTP version, if you want to see them use a newer version, I'd recommend filing a request in the support tracker using the Support link above.


Topic locked