Solution #00005878
Scope:
Answer:
The Web Application Firewall allows you to specify which FTP commands should be allowed there by blocking any un-configured verb. Command blocking is used to stop commands (verbs) that might be sent in an attempt to attack your FTP application.
To enable FTP security, please go to Web sites > Advanced Security > FTP Security.
Status - Enables command blocking for this FTP application
Values: On, Off
FTP Allowed Verbs - The requests that attack an FTP application have commands that need to be blocked.
This parameter allows a strict configuration of specifying only the allowed FTP verbs.
You can add to (or delete from) this list. "get" and "mget" are FTP client side directives. They translate to RETR on the control connection. "put" and "mput" translate to STOR on the control connection.
So to block uploads, you may remove STOR from the allowed verb list
Note: Even when the PORT command is allowed, sending a PORT command with a port less than 1024 is not allowed.
Default: USER, PASS, ACCT, CWD, CDUP, STOU, APPE, LIST, NLST, HELP, QUIT, PORT, TYPE, MODE, STRU, RETR, STOR, NOOP, SYST, PASV
Link to this page:
https://campus.barracuda.com/solution/50160000000Ign9AAC