GoAnywhere Forum

Hello ,
We recently implemented Goanywhere Services in our company and we are seeing lot of rogue hits on our
FTP and SFTP ports.
We are not in a position to filter IPs in our firewall since many small stores connect to our server and they dont have a static IP and they keep changing.
Other alternative is to blacklist the rogue IPs , but when we blacklist the IP , the hits start coming from some other IP addresses .
Has anyone faced similar issue .would be intrested to know what measures can be taken to mitigate this.

Thank you,
Samuel Augustine

Try activating the Auto Blacklisting option within GAServices.

This can be found under the Security Menu and allows you to build your own company defined sensitivity into the black listing for DOS and Brute-Force attacks. Ban type can be Permanent as well as Temporary.

Unfortunately in our case , the services sits behind a firewall and a loadbalancer and does not receive
the original IP.

At the services level there is only one IP ( the gateway IP ) for all the inbound connections.

Samuel,

For the AutoBlock IP to work, it needs that originating IP address. This value can be passed through your Load Balancer into Gateway -> GAServices for this to happen.

Check with your network folks to see if they can set the option in the Load Balancer to get you that information .