FlashFXP Forums - View Single Post

Yil · 06-06-2011, 08:05 PM

Ullman: When you say they can't login does it reject their password or can they not even get that far?

If you are using the 'Reject_Unknown_Ips' option that will immediately disconnect anyone whose IP or reversed hostname doesn't match the hostmask for at least one user. That makes for a more secure site, but does mean the server is picky about who can connect. I haven't used the feature in a while, but obviously there's a lot more chance for me to goof something up since the server has to track all hostmasks. For the record, it also interacts with the dynamic DNS hostmask feature (the : prefix) of user's hostmasks and the work-around is the Knock feature. I don't think restarting the server would make a difference, but if you are using a dynamic DNS hostname that could take a while for a newly updated name to timeout in DNS caches (including the local windows one) and thus waiting a while may make a difference.

If, however, this is a simple login failed rejection then check what the error log says was the reason along with the hostmask. I can't think of any reason gadduser would be different than adduser in this case since they use the same code.

Is the problem reproducible and does it happen to every user, just some users, and if some what do they have in common?

06-06-2011, 08:05 PM
Yil Too much time... Join Date: May 2005 Posts: 1,194	Ullman: When you say they can't login does it reject their password or can they not even get that far? If you are using the 'Reject_Unknown_Ips' option that will immediately disconnect anyone whose IP or reversed hostname doesn't match the hostmask for at least one user. That makes for a more secure site, but does mean the server is picky about who can connect. I haven't used the feature in a while, but obviously there's a lot more chance for me to goof something up since the server has to track all hostmasks. For the record, it also interacts with the dynamic DNS hostmask feature (the : prefix) of user's hostmasks and the work-around is the Knock feature. I don't think restarting the server would make a difference, but if you are using a dynamic DNS hostname that could take a while for a newly updated name to timeout in DNS caches (including the local windows one) and thus waiting a while may make a difference. If, however, this is a simple login failed rejection then check what the error log says was the reason along with the hostmask. I can't think of any reason gadduser would be different than adduser in this case since they use the same code. Is the problem reproducible and does it happen to every user, just some users, and if some what do they have in common?