I’ve been randomly checking the server log files this morning and saw anonymous ftp logins to the server, some of the logins were trying to access one of the blogs hosted on that server. The server is running WHM/Cpanel for website management which by default the anonymous ftp is enabled.

Although pure-ftpd’s anonymous access is secure, I’m just not comfortable with the thought of allowing anonymous access on any of my servers.

Nov 23 16:21:08 batcave pure-ftpd: (?@125.234.144.222) [INFO] New connection from 125.234.144.222
Nov 23 16:21:09 batcave pure-ftpd: (?@125.234.144.222) [INFO] Anonymous user logged in the virtual FTP: 74.117.157.169
Nov 23 16:21:10 batcave pure-ftpd: (ftp@125.234.144.222) [INFO] Can't change directory to /blog/category/: Permission denied
Nov 23 16:22:22 batcave pure-ftpd: (ftp@125.234.144.222) [INFO] Logout.
Nov 23 18:18:29 batcave pure-ftpd: (?@174.121.182.218) [INFO] New connection from 174.121.182.218
Nov 23 18:18:29 batcave pure-ftpd: (?@174.121.182.218) [INFO] Logout.
Nov 24 02:51:12 batcave pure-ftpd: (?@125.234.144.222) [INFO] New connection from 125.234.144.222
Nov 24 02:51:15 batcave pure-ftpd: (?@125.234.144.222) [INFO] Anonymous user logged in the virtual FTP: 74.117.157.169
Nov 24 02:51:16 batcave pure-ftpd: (ftp@125.234.144.222) [INFO] Can't change directory to /blog/category/: Permission denied
Nov 24 02:51:21 batcave pure-ftpd: (ftp@125.234.144.222) [INFO] Logout.
Nov 24 07:46:29 batcave pure-ftpd: (?@209.190.73.3) [INFO] New connection from 209.190.73.3
Nov 24 07:46:29 batcave pure-ftpd: (?@209.190.73.3) [INFO] Logout.
Nov 24 08:05:32 batcave pure-ftpd: (?@121.96.39.131) [INFO] New connection from 121.96.39.131
Nov 24 08:05:35 batcave pure-ftpd: (?@121.96.39.131) [INFO] Anonymous user logged in the virtual FTP: 74.117.157.169
Nov 24 08:05:45 batcave pure-ftpd: (ftp@121.96.39.131) [INFO] Logout.
Nov 24 07:11:42 batcave pure-ftpd: (?@121.96.39.131) [INFO] New connection from 121.96.39.131
Nov 24 07:11:49 batcave pure-ftpd: (?@121.96.39.131) [INFO] anonymous is now logged in
Nov 24 07:12:14 batcave pure-ftpd: (anonymous@121.96.39.131) [ERROR] Can't create directory: Permission denied
Nov 24 07:12:18 batcave pure-ftpd: (anonymous@121.96.39.131) [INFO] Logout.

Here’s how to disable anonymous ftp access on both global and domain specific.

If you have access to WHM (web host manager) then you can disable anonymous ftp access globally, meaning, for the entire server.

1. Login to your WHM account, under Service Configuration, click on FTP Server configuration.

2. Look for the Allow Anonymous Logins and Allow Anonymous Uploads row and set it to “No” and click Save.

If you don’t have access to WHM, then you need to login to your cpanel account.

1. In your cpanel account, look for the FTP Manager and click on it. Now click on Setup Anonymous FTP Access.

2. Under the Anonymous FTP Controls page, make sure that “Allow anonymous access” box is unchecked then click on Save Settings button.

And that’s about it, if you will try to login anonymously on ftp, it should return a login failed error.