Hello, I wondering how can you whitelist an ip in ssh for an ftp connection.
I upload backup to wd mycloud drive via an ftp connection and every time I remove the blocked ip, after few days it is back in the ftp blocked list.
any instruction on how to whitelist the ip so it does not get blocked again will be appreciated.
I already have access to ssh I just need to figure how or where to add the ip so it does not get blocked again.
Thank you
The following discussion from a few years ago may or may not be relevant to your question:
My situation is not failed attempt, It just block the connection after few days.
So is there way to whitelist an ip through ssh so does not get blocked anymore?
thanks
If you are trying to use FTP from a remote location one may need to review the router logs to see if perhaps the router is closing or blocking the connection (port forward) to the My Cloud. One can also use the My Cloud Dashboard Help to save the My Cloud logs. One could review those logs to see if there is a specific issue happening right when the FTP connection is dropped. Also check the FTP client logs itself to see what the specific error it is generating when the connection is dropped to the My Cloud.
The previous link, the third post, details how one can could try adding the IP address of the FTP client PC/device to the etc/hosts.allow file on the My Cloud and then modify the vsftpd.conf file on the My Cloud to invoke the hosts.allow file and see if that helps with the FTP client connection being rejected.
One may also need to review their FTP client settings as well. Its possible there may be an issue with the āpassive modeā feature setting some FTP servers or client programs use.
Hello and thank you for your reply.
I am doing ftp from in local connection. I am doing local ftp backup and not a network share folder. The reason I am doing this way to prevent ransom attach on the cloud via shared folder.
so ip address is getting blocked from the cloud drive not router. I believe maybe because of the amount data is being transferred. I am moving a lot of data, It work for few days and then ip is in the block list again. This why I was looking for a way to white list the ip.
I am going to try the above suggestion and see if it works.
Thanks.
Not sure I understand why your using FTP rather than SMB (network share). If one isnāt using Cloud Access/Remote Access they can disable that feature within the My Cloud. Further if one is worried about a āransomware attackā on their My Cloud one should be blocking broadband/internet access to the My Cloud at the router/network firewall level as the first layer of security with turning off Cloud Access/Remote Access the second layer. The third layer is setting Shares to Private and giving all users strong passwords and limited Share access (only as needed to individual Private Shares). If the ransomware or malware breaches your network security on another computer or device then it potentially has free reign on your local network to infect the My Cloud even if you are using FTP to copy data to the My Cloud.
FTP, generally, is not a secure method of transferring files. Oneās login/password is typically sent in the clear and could potentially be intercepted. Plenty of articles online about the insecurity of the basic FTP protocol.
I read a lot of article regarding ransomware and found that most attack come through the network share and 90% of them come from email and some come from bad website that people hit by mistake. Not many come through the firewall at least not yet.
So I found for a small office the best solution is the remove the the could from smb (network share) and only link it via backup application and sync with application that have an ftp feature. so basically the files backup first is created on backup drive then it is moved to the cloud via ftp.
Now I know there is some ransomware that might go through ftp connection but they are not as common.
I am not sure if you have seen or read article that ransomware attacked come through local network ftp, not that many, again at least yet. Maybe after they read this they start working on itā¦
I believe there is no perfect solution other then physically removing the backup from the network and that sometime is not feasible.
If ransomware is already inside your network you already have major problems beyond if the My Cloud could be infected. There are various methods to try and mitigate or reduce the ability of malware and ransomware to infect a My Cloud but if it is already inside the local network every device is at risk (and likely already infected) not just the My Cloud an any backup data on it. Only way to truly isolate oneās backup data is to remove it completely from the local network. And one has to hope that backed up data isnāt itself infected by the malware/ransomware and that it wonāt re-infect the entire network once that backed up data is restored. Unfortunately once the local network is compromised the security vulnerabilities of the My Cloud OS3 firmware (beyond SMB access) are available to be exploited.
What others have done is to use Acronis True Image to backup to a Private My Cloud Share that no one else has access to and to which no Windows or Mac credentials are saved on the local computer. Acronis can apparently be configured to access a Private Share within the Acronis program without relying on the Windows/Mac PC credentials.
The downside with certain My Cloud devices is the user cannot (easily) disable Public access to the Public Share. So one Share is always available to the malware/ransomware to access and infect any files within that Public Share. The inability to (easily) remove the Public Share in OS3 has long been a complaint in these OS3 subforums.
If one is so concerned about ransomware one may want to rethink their backup process to use (perhaps exclusively) removeable media like USB hard drives rather than a NAS drive. And store that USB hard drive (perhaps in a remote location) unconnected to any computer/device. One should consider having multiple backup sets anyway beyond just using a My Cloud.
I can confirm the same issue on my EX2. Internal LAN IP addresses from security cameras that can only use FTP are blocked by the EX2 after a day or so. In addition, local FTP fails 9 out of ten times and technical support has been of no help resolving this issue which began with the version 5 update last year. According to the vague release notes in several following releases up to .113, WD tried to fix these problems but none have worked thus far.
Iām curious if you ever resolved this issue. Iāve had the same problem on my EX2 since the version 5 release last year. My LAN connected security cameras transmit to the NAS only via FTP. The IP addresses on several cameras are blocked after only a day or so. In addition FTP transfer of video and snaps is faulty with 9 out of 10 tries failing. I have a backup Synology NAS where local FTP works flawlesslyā¦
| Forums | News and Announcements | Register | Help | Forum Guidelines |
Copyright Ā© 2021 Western Digital Technologies, Inc. All rights
reserved.
|
Trademarks
|
Privacy
|
Community Terms of Service
|
Site Terms of Use
|
Copyright
|
Contact WD
|