It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

Login Sign Up Contact & Support

United States – English (GMT-8)

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud-to-Cloud Backup

Cloud Archiving Service

Security Awareness Training (PhishLine)

Email Security Gateway

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Cloud Security Guardian

Load Balancer ADC

Vulnerability Manager

Web Security Agent

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

Reporting Server

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Firewall Policy Manager

Server Backup (Yosemite)

RMM (Managed Workplace)

Managed Security Awareness Training (Managed Phishline)

Intronis Backup

MSP – Partner Management

MSP Knowledgebase

MSP – Partner Sales Enablement

NextGen Firewall X

Campus Help Center / Reference

TechSummit 2019

Support Services

Network Security

Barracuda Web Application Firewall

Overview Documentation Training Certification Materials

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud-to-Cloud Backup

Cloud Archiving Service

Security Awareness Training (PhishLine)

Email Security Gateway

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Cloud Security Guardian

Load Balancer ADC

Vulnerability Manager

Web Security Agent

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

Reporting Server

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Firewall Policy Manager

Server Backup (Yosemite)

RMM (Managed Workplace)

Managed Security Awareness Training (Managed Phishline)

Intronis Backup

MSP – Partner Management

MSP Knowledgebase

MSP – Partner Sales Enablement

NextGen Firewall X

Campus Help Center / Reference

TechSummit 2019

Support Services

Network Security

Login Sign Up Contact & Support

United States – English (GMT-8)

Back to Knowledgebase

How do I enable FTP Security for configured FTP applications on the Barracuda Web Application Firewall?

Type: Knowledgebase
Date changed: 2 years ago

Solution #00005878

Scope:

This solution applies to the Barracuda Web Application Firewall, all firmware versions.

Answer:
The Web Application Firewall allows you to specify which FTP commands should be allowed there by blocking any un-configured verb. Command blocking is used to stop commands (verbs) that might be sent in an attempt to attack your FTP application.

To enable FTP security, please go to Web sites > Advanced Security > FTP Security.

Status - Enables command blocking for this FTP application
Values: On, Off

FTP Allowed Verbs - The requests that attack an FTP application have commands that need to be blocked.
This parameter allows a strict configuration of specifying only the allowed FTP verbs.

You can add to (or delete from) this list. "get" and "mget" are FTP client side directives. They translate to RETR on the control connection. "put" and "mput" translate to STOR on the control connection.

So to block uploads, you may remove STOR from the allowed verb list

Note: Even when the PORT command is allowed, sending a PORT command with a port less than 1024 is not allowed.

Default: USER, PASS, ACCT, CWD, CDUP, STOU, APPE, LIST, NLST, HELP, QUIT, PORT, TYPE, MODE, STRU, RETR, STOR, NOOP, SYST, PASV

Link to this page:

https://campus.barracuda.com/solution/50160000000Ign9AAC

Additional Resources

More

Print Share Page