SFTP Gateway Support

3.0

Brute Force Protection

Wed Admin UI Brute Force Protection

If a user attempts to login with invalid credentials from the same ip address after 10 failed attempts, they will be locked for an hour.

The front end will give you the time that you have left, so if you try to login after you have been locked out, you will see this message:

Web Admin

It also should not matter if you are using a bad username or password, all that matters is that you are trying from the same ip address.

SFTP System Brute Force Protection

The SFTP system will ban an IP address for 5 hours if it has made more than 10 failed authentication attempts within 5 minutes of each other.

You can manually clear the IP lockout by restarting the Java service:

sudo su
service sftpgw-admin-api restart

Or, you can disable the IP banning feature (in v3.3.0 and later).

PreviousNext