I have no user "anonymous". Can't see a setting which enables anonymous users. Yet someone is getting in regularly. Don't seem to be able to do anything, but I'd rather this did not happen
<system user> disabled.
Anyone?
2024-01-22T22:16:45.344Z == [FTP Server] Session 37 ended gracefully.
2024-01-22T22:16:46.104Z << [FTP Session 38 34.76.158.233] 220-FileZilla Server 1.8.0
2024-01-22T22:16:46.104Z << [FTP Session 38 34.76.158.233] 220 Please visit https://filezilla-project.org/
2024-01-22T22:16:46.139Z >> [FTP Session 38 34.76.158.233] USER anonymous
2024-01-22T22:16:46.139Z << [FTP Session 38 34.76.158.233] 331 Please, specify the password.
2024-01-22T22:16:46.606Z >> [FTP Session 38 34.76.158.233] PASS ****
2024-01-22T22:16:47.600Z << [FTP Session 38 34.76.158.233 anonymous] 230 Login successful.
2024-01-22T22:16:48.058Z >> [FTP Session 38 34.76.158.233 anonymous] OPTS UTF8 ON
2024-01-22T22:16:48.058Z << [FTP Session 38 34.76.158.233 anonymous] 202 UTF8 mode is always enabled. No need to send this command
2024-01-22T22:16:48.908Z >> [FTP Session 38 34.76.158.233 anonymous] PWD
2024-01-22T22:16:48.908Z << [FTP Session 38 34.76.158.233 anonymous] 257 "/" is current directory.
2024-01-22T22:16:50.262Z >> [FTP Session 38 34.76.158.233 anonymous] TYPE A
2024-01-22T22:16:50.262Z << [FTP Session 38 34.76.158.233 anonymous] 200 Type set to A
2024-01-22T22:16:50.819Z >> [FTP Session 38 34.76.158.233 anonymous] PASV
2024-01-22T22:16:50.844Z << [FTP Session 38 34.76.158.233 anonymous] 227 Entering Passive Mode (185,149,210,83,31,129)
2024-01-22T22:16:51.381Z >> [FTP Session 38 34.76.158.233 anonymous] LIST
2024-01-22T22:16:51.383Z << [FTP Session 38 34.76.158.233 anonymous] 550 Couldn't open the file or directory
Anonymous user got in... shouldn't have
Moderator: Project members
-
jeremypoynton
- 450 Internal Error
- Posts: 41
- Joined: 2023-07-04 08:52
- First name: Jeremy
- Last name: Poynton
Re: Anonymous user got in... shouldn't have
If there's no user with that name, there's no way a user with that name could log in. How many servers are you running? If more than one, are you sure you're looking at the "right" one?
If just one, where did you download FileZilla Server from? Our website or a third party website?
If just one, where did you download FileZilla Server from? Our website or a third party website?
-
jeremypoynton
- 450 Internal Error
- Posts: 41
- Joined: 2023-07-04 08:52
- First name: Jeremy
- Last name: Poynton
Re: Anonymous user got in... shouldn't have
That's what I thought. Always download on notification of an update. I have a user "anon", but no "anonymous" - and as per the log, they got in 
Re: Anonymous user got in... shouldn't have
Are you sure you haven't an anonymous user too, that perhaps you forgot about? The user clearly doesn't have a mount list associated. Perhaps you created it, then thought to change its name to "anon" but created a new user instead?
As said, the user must be there for anybody to be able to login with that user.
As said, the user must be there for anybody to be able to login with that user.
-
jeremypoynton
- 450 Internal Error
- Posts: 41
- Joined: 2023-07-04 08:52
- First name: Jeremy
- Last name: Poynton
Re: Anonymous user got in... shouldn't have
Quite sure. As noted, an anon login id, which is occasionally used, but only able to access the linked folder. Never one named "anonymous". 100% user. Was very startled when I observed it in the log yesterday.