An FTP SSL service is a controlled entry point for an encrypted FTP Web application on the server. This handles encrypted transactions between clients and the Barracuda Web Application Firewall and authentication with certificates. To create an FTP SSL service, select FTP SSL as the type of service. For additional instructions, go to the BASIC > Services page and click Help.
To configure an FTP SSL service:
- Go to the BASIC > Certificates page, and create a certificate. See How to Add an SSL Certificate.
- Go to the BASIC > Services page, Add New Service section and do the following:
- Service Name – Enter a name for the service.
- Type – Select FTP SSL from the drop down list.
- Virtual IP Address – Enter the Virtual IP (VIP) address used for accessing the service.
- Port – Enter the port number your web server responds to.
- Real Servers – Enter the IP address of the FTP server that hosts the service. This is the back-end server that is protected by the Barracuda Web Application Firewall.
- Service Groups – Select the group under which the service needs to be added.
- Certificate – Select a certificate from the drop down list that needs to be presented to the browser when accessing the service.
- Click Add.
- After adding the FTP SSL service, click Edit next to the created service in the Services section for additional configuration.
- In the Service window, scroll down to the FTP section and configure the FTP Attack Protection, PASV IP Address, and PASV Ports.
- Specify values for other parameters as required, and click Save.
- Go to the WEBSITES > FTP Security page and configure the required FTP verbs/commands for the FTP service. (Optional)