Dear comunnity,
I am using FileZilla Server version 1.8.1.
I had an issue where my clients could not connect to my FTP server.
After searching my LOG's for a clue I found several messages like this:
2024-02-29T06:11:05.445Z DW [Throttled Authenticator, FTP Session: 231413] Authentication for user XXX from IP YYY will be delayed 59s.
I am behind a SRC NAT firewall so all my connections come from the same IP address.
Because of this my clients could not login to my server which caused a lot of issues.
Is there a way to disable this behavior? I can not find any setting for this "Throttled Authenticator". What can I do?
Thank you all for your support!
Throttled Authenticator Authentication for user will be delayed
Moderator: Project members
Re: Throttled Authenticator Authentication for user will be delayed
That's an automatic Anti-DOS measure, it triggers after multiple failed authentications from one IP. Being a security feature, you cannot disable it.
No support requests over PM! You will NOT get any reply!!!
FTP connection problems? Please read Network Configuration.
FileZilla connection test: https://filezilla-project.org/conntest.php
FileZilla Pro support: https://customerforum.fileZilla-project.org
FTP connection problems? Please read Network Configuration.
FileZilla connection test: https://filezilla-project.org/conntest.php
FileZilla Pro support: https://customerforum.fileZilla-project.org
Re: Throttled Authenticator Authentication for user will be delayed
If you look up in the log file you will find the reason for that throttling.
You should see lines like "Recording failed login for user X from IP a.b.c.d" and either or both "User X has failed login too many times (>= 5) within a 60s time window. Next login will be delayed Ys from now." and "Login from IP a.b.c.d has failed too many times (>= 5) within a 60s time window. Next login will be delayed Ys from now."
As @boco said, this feature is built in and it's currently not possible to disable or configure with different time settings.
You should see lines like "Recording failed login for user X from IP a.b.c.d" and either or both "User X has failed login too many times (>= 5) within a 60s time window. Next login will be delayed Ys from now." and "Login from IP a.b.c.d has failed too many times (>= 5) within a 60s time window. Next login will be delayed Ys from now."
As @boco said, this feature is built in and it's currently not possible to disable or configure with different time settings.