[BlueOnyx:23037] CushyCMS and ProFTPD

[Ken Hohhof]

It turns out we have a webhosting customer who has been using a web-based
CMS app called CushyCMS to edit one page on their site.  I am not familiar
with CushyCMS but apparently it uses embedded HTML tags to define editable
elements on the pages, and the CushyCMS server pulls the pages from the
webserver via FTP and then pushes the edits back via FTP.

 

This customer says CushyCMS has stopped working, and is giving a generic
"FTP Error".  However their web designer is able to access the site manually
via FTP with no problem.

 

Given the timeframe, I am wondering if this is related to the recent update
to ProFTPD.  I am seeing a bunch of zero second connections from the
CushyCMS IP address and in ban.log I am seeing that IP address getting
banned due to excessive client connection rate.  I have not edited those
settings, it appears that >30 connections in 60 seconds will get the IP
banned for 1 hour.  This only seems to have started happening in the past
week or so, but as near as I can determine, the mod_ban configuration is not
new, I don't think the recent update changed it.

 

Is anyone familiar with CushyCMS, or have any insight into why it can no
longer access the site via FTP yet manual FTP works?  If we didn't break
this, I don't want to spend a lot of effort or ask any of you to do so in
order to debug this.  Since it's basically a robot, I don't expect we will
have access to error messages or other troubleshooting info like we would if
a human was trying to use FTP.

 

I am not sure if exceeding the 1 connection every 2 seconds limit is a cause
or a symptom.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.blueonyx.it/pipermail/blueonyx/attachments/20190730/eaf9c78c/attachment.html>