Blocking FTP Commands

You can use Application Control to ensure that your FTP server is read-only by blocking commands such as put, mput, rename_to, rename_from, rmdir, and mkdir.

The following procedure shows how to create a match object containing only the put command, but you could include all of the FTP commands in the same match object.

To block FTP commands:
1. Navigate to Firewall > Match Object.
2. Click Add New Match Object. The Add/Edit Match Object dialog displays.
3.

   TIP: Select the FTP command from the Command drop-down menu.
   TIP: Because the mput command is a variation of the put command, a match object that matches the put command also matches the mput command.
4. Click OK.
5.
   a. Navigate to Firewall > Action Objects.
   b. Click Add New Action Object. The Add/Edit Action Object dialog displays.
   c.
   d.
6. Navigate to Firewall > App Rules.
7. Click Add New Policy. The Edit App Control Policy dialog displays.
8. Create a policy that references this match object and action. If you prefer to simply block the put command and reset the connection, you can select the Reset/Drop action when you create the policy.
9. Click OK.
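
To confirm the policy took effect, the following Python check (an added example, not part of the original procedure or of the product's own tooling) audits an FTP control-channel transcript and lists every blocked command the server still answered positively. The mapping from the command names above to RFC 959 verbs, the `C:`/`S:` line format, and the sample sessions are assumptions constructed for illustration.

```python
import re

# Assumed mapping from the command names on this page to RFC 959 verbs.
# mput has no verb of its own: the client sends one STOR per file, like put.
WIRE_VERBS = {
    "put": "STOR", "mput": "STOR",
    "rename_from": "RNFR", "rename_to": "RNTO",
    "rmdir": "RMD", "mkdir": "MKD",
}
BLOCKED = set(WIRE_VERBS.values())
REPLY = re.compile(r"^(\d{3}) ")  # skips "226-..." continuation lines


def accepted_write_commands(transcript):
    """Return (verb, argument, reply_code) for each blocked verb that still
    got a positive reply (1xx, 2xx or 3xx) from the server.

    transcript: lines prefixed "C: " (client) or "S: " (server). A command
    with no reply (connection reset) or a 4xx/5xx reply counts as blocked.
    """
    findings = []
    pending = None  # blocked command still waiting for its first reply
    for line in transcript:
        side, _, text = line.partition(": ")
        if side == "C":
            verb, _, arg = text.strip().partition(" ")
            pending = (verb.upper(), arg) if verb.upper() in BLOCKED else None
        elif side == "S" and pending:
            m = REPLY.match(text)
            if m:
                if m.group(1)[0] in "123":
                    findings.append((pending[0], pending[1], int(m.group(1))))
                pending = None
    return findings


# Constructed sample: the upload is accepted, so the policy is not in effect.
UNPROTECTED = [
    "C: USER demo", "S: 331 Password required",
    "C: STOR report.txt", "S: 150 Opening data connection",
    "S: 226 Transfer complete",
]
# Constructed sample: the session ends at STOR with no reply (connection reset).
PROTECTED = [
    "C: USER demo", "S: 331 Password required",
    "C: RETR readme.txt", "S: 150 Opening data connection",
    "S: 226 Transfer complete", "C: STOR report.txt",
]
```

An empty result for a session that attempted each command means the read-only policy held; any tuple returned names the verb that got through.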