Can I automatically ban IP addresses without locking out or disabling legitimate users?


THE INFORMATION IN THIS ARTICLE APPLIES TO:

  • EFT Server version 6 and later
    • To get specific instructions for your version of EFT, search in the help for "banning" or "controlling."

    QUESTION

    Can I automatically ban IP addresses without locking out or disabling legitimate users?

    ANSWER

    EFT Server can add an IP address to the Site's IP Access/Ban List when a specified number of invalid login attempts (a non-existent username or an invalid username/password pair) occur within a specified period. (The Site's IP Access/Ban List can be viewed and managed on the Site's Connections tab.)

    In the Site's Login Security Options dialog box (Site > Security Tab > Configure - Invalid login options), if the Ban IP address after excessive invalid commands check box is selected, and a user triggers this action, their IP address will appear in the IP Access/Ban List. If the invalid commands were not malicious and you do not want to ban the IP address, you can remove it from the list by clicking it, then clicking Remove.

    With the default settings in the Login Security Options dialog box, the IP address is added to the ban list on the 6th attempt (n+1). The values are the maximum number of failures ALLOWED before the IP address is banned, so the ban takes effect after the 6th login failure. If a hacker is using a legitimate username, but is running through a list of passwords, the IP address will be banned, but the legitimate user account is not disabled or locked out. The legitimate user can still log in from a valid, non-banned IP address.

    (The GUI does not refresh automatically. Press F5 to refresh the list so that it displays the current set of IP addresses.)
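
    The n+1 behavior described above can be modeled in a few lines. This is an added example, not EFT Server code: the class and function names are hypothetical, the 60-second period is an assumed value (the article does not state the default period), and the events are constructed sample data.

```python
from collections import defaultdict, deque

MAX_FAILURES_ALLOWED = 5   # n: the article's default bans on the 6th attempt (n+1)
WINDOW_SECONDS = 60        # assumed period; the article gives no default for it


class IpBanPolicy:
    """Failures are counted per source IP, never per user account."""

    def __init__(self, max_allowed=MAX_FAILURES_ALLOWED, window=WINDOW_SECONDS):
        self.max_allowed = max_allowed
        self.window = window
        self.failures = defaultdict(deque)   # ip -> timestamps of recent failures
        self.banned = set()                  # stands in for the IP Access/Ban List

    def login(self, ts, ip, user, ok):
        """Return 'banned', 'denied' or 'ok' for one login attempt."""
        if ip in self.banned:
            return "banned"
        if ok:
            return "ok"
        recent = self.failures[ip]
        recent.append(ts)
        # Drop failures that have aged out of the counting period.
        while ts - recent[0] >= self.window:
            recent.popleft()
        if len(recent) > self.max_allowed:   # failure n+1 inside the period
            self.banned.add(ip)
            return "banned"
        return "denied"


def replay(events, policy=None):
    """Feed (ts, ip, user, ok) events through a policy; return results and policy."""
    policy = policy or IpBanPolicy()
    return [policy.login(*e) for e in events], policy


# Constructed events: (seconds, source IP, username, password correct?).
# 203.0.113.7 tries passwords against the real account "alice";
# alice then logs in from her own address, 198.51.100.20.
SAMPLE = [(i * 2, "203.0.113.7", "alice", False) for i in range(7)]
SAMPLE.append((20, "198.51.100.20", "alice", True))

if __name__ == "__main__":
    results, policy = replay(SAMPLE)
    for event, result in zip(SAMPLE, results):
        print(event, "->", result)
    print("ban list:", sorted(policy.banned))
```

    Because the counter is keyed on the source address, the account name never enters the ban decision, which is why the legitimate user is unaffected.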