Lockout settings for FTP (embedded) server users

You can set the number of times an FTP user can attempt to connect with an invalid password to an embedded FTP server before the trading engine locks out the user. This is a safeguard against possible efforts by unauthorized users to access the server.

The user is locked out for a specified number of minutes. The user must wait until the lockout interval expires, unless an administrator unlocks the user before the interval ends.

Set lockout rules

Use this procedure to set the lockout rules for an embedded FTP server. The rules apply to all FTP users.

  1. Select System management on the toolbar to open the System management page.
  2. Click the Configure global transport settings task to open the global transport settings page.
  3. Select the Global FTP settings tab.
  4. Edit the following fields.
    • Maximum retries before a user is locked out – The number of times a user can try unsuccessfully to log on before the user is locked out.
    • Lock out length (in minutes) – The interval in minutes that a lockout is in effect.
    • Active ports restriction – List the active ports to which users cannot have access. Specify 0 if there is no specific port restriction. Use comma-separated list to specify multiple port restrictions. You can use closed or open ranges (examples: 9055, 9056, 9060-9070, 50000-)
  5. Click Save changes when done.

Unlock a blocked user

To unlock a locked out user of an FTP (embedded) server, before the lockout interval expires:

  1. In the navigation graphic at the top of a community summary page, click Application delivery.
  2. In the list of available application deliveries, click an FTP (embedded) transport to open its maintenance page.
  3. Select the Directories tab and check whether any users have been locked out.
  4. Click Unlock to enable the user to try again to connect.

Related topics

Related Links