Documentation

9.9. Banning users

A deny-username authentication method can be used to block/deny authentication for a configured list of denied users.

You can use it for file transfer services, as well as for the Web Manager service.

Note

Add this authentication method as the first one in the list of active authentication methods to make sure the users are not authenticated earlier by other authentication methods.

9.9.1. name

Default value:

''

Optional:

Yes

From version:

2.10.0

Values:
  • Any text.

Description:

Human-readable short text used to identify this method.

9.9.2. description

Default value:

''

Optional:

Yes

From version:

2.10.0

Values:
  • Any text.

Description:

Human-readable text that describes the purpose of this authentication method.

9.9.3. type

Default value:

''

Optional:

No

From version:

2.10.0

Values:
  • application - Application accounts.

  • os - Accounts authenticated by the OS.

  • http - HTTP (unsecured).

  • ip-time-ban - Ban an IP address for a time interval.

  • deny-username - Deny authentication based on usernames.

  • anonymous - Anonymous account authentication.

  • ldap - Authenticate against an LDAP server.

  • local-file - Authenticate the accounts from a separate local file.

  • radius - Authenticate via an RADIUS server.

  • entra-id - Microsoft Entra ID

Description:

This option specifies the type of the method. Each type has a set of specific configuration options

9.9.4. usernames

Default value:

''

Optional:

Yes

Values:
  • Comma-separated list of usernames.

From version:

3.0.0

Description:

Comma-separated list of usernames denied by this authentication method.

The check is done in a case-insensitive way.

Usernames should be defined in lower-case.