Most of the times many reseller web hosting and vps hosting accounts are begin affected by unauthorised FTP uploads. Unlike vps and reseller hosting, on cpanel hosting accounts we are aware of the domains which are being created and can be altered directly from the systems. However, it is not possible with the vps and reseller hosting accounts as the clients has the flexibility to add any number of domains.
However, we can provide a method in order to secure FTP access to your website for a number of IP addresses or a complete subnet.
Primarily, you need to determine your own IP address first. One of the best way to detect your ip address is to visit www.whatismyip.com website. Once you visit this site it will show your ip address like “Your IP Address Is: xxx.xxx.xxx.xxx”. This is all you need to determine if you are on a static IP address. However, if you are assigned with a dynamic IP address, it means your ip will keep on changing, hence you will need to know the ip addresses you would be assigned.
If you have a static ip address assigned, visit the “Whatismyip” site and click on the “IP WHOIS Lookup” link on the left of the page and then simply click the “Whois Lookup” button. You will see a detailed information about your ip address on the middle of the page. In that information, you should see something like this:
inetnum : 188.8.131.52 – 184.108.40.206
The above figures is the range of the IP addresses you could be assigned.
Now, that you have the possible ip addresses, you can proceed with the following steps.
On your machine, create a file .ftpaccess in a text editor (make sure you put the (.) dot at the beginning of the file name).
If you have a static ip address assigned, put the following content in that file:
The line “Allow 220.127.116.11” should be left in the file as a backup in order to enable you the access to the .ftpaccess file through the Filemanger in the Admin area.
If you are assigned with a dynamic ip address, then you will have to Allow the possible range of ip address based on the example “inetnum: xxx.xxx.xxx.xxx – xxx.xxx.xxx.xxx”. The file contents will look like this:
Now, as you are done with creating the .ftpaccess file, you just need to upload that file into the httpdocs, httpsdocs and cgi-bin folders on the server. It will restrict all the ip addresses trying to access your site via FTP accept those ip addresses which are Allowed in the .ftpaccess file.
The above change won’t stop blocks on SFTP or WinSCP, if you are going to use only these protocols you could create a file with the following contents.
The above lines will restrict any FTP access to your website. This tutorial is applicable only for the Reseller Web Hosting and VPS Hosting accounts. If you are not familiar with above, you can simply raise a ticket at our support desk and leave the rest on our technical experts.