Skip to main content
Skip table of contents

Set Up Server Access Policies

Overview

You can manage and enforce access policies for each server or group of servers your organization oversees. This includes setting specific days and times for access, identifying multiple failed attempts within a defined timeframe as an anomaly, and subsequently blocking the account from accessing the server. Additionally, you can stipulate the maximum number of sessions allowed per user, restrict commands, and more.

Set Up Server Access Policies

Server access policies can be set on servers and server groups.

  • Settings > Server Settings > Connection Management > Servers

  • Settings > Server Settings > Connection Management > Server Groups

If the server is included in a server group, it automatically inherits the policies set for that group. However, if the server's policy inheritance setting is configured to "Operate separately," it will have its own independent set of policies without inheriting those of the server group.

Server Settings > Connection Management > Servers or Server Groups

  1. Navigate to Server Settings > Connection Management > Servers or Server Groups menu.

  2. Select the desired server or server group from the list.

  3. Scroll down to the Policy section located at the bottom.

  4. For each item, input the following details to configure the policy:

    1. Access Start Time : Specify the start time for the connection's accessibility in the designated time zone.

    2. Access End Time : Specify the end time for the connection's accessibility in the designated time zone.

    3. Weekday Access Allowed : Choose the days of the week when the connection is accessible.

    4. Maximum Login Failures: Define the maximum number of login failures permitted for this connection.

    5. Specified Time Interval Before Lockout: Set the time interval within which the maximum login failures are counted.

      1. For instance, suppose you configure the maximum number of failed login attempts to be 3 within a time frame of 10 minutes.

      2. In this scenario, if a user experiences 3 failed login attempts within the specified 10-minute window, it will trigger a policy violation, resulting in the account being locked out.

      3. Consequently, the affected account will no longer be able to access the server using those credentials.

    6. Number of Sessions Allowed: Determine the maximum number of sessions allowed per user on the server. The default value is 1, and you can enter up to 9,999.

    7. Restrict Commands (SSH): Define policies for commands executed via the web terminal on the server.

      1. Maximum Attempts Allowed: Limit the number of times a prohibited command can be executed.

      2. Specified Time interval Before Lockout: Set the time interval for counting prohibited command executions.

      3. Keyword : Specify the banned command as a keyword.

      4. RegExr: Specify the banned command as a regular expression.

    8. Restrict Commands (SFTP): Set policies for actions performed over web SFTP. You have the option to limit various actions such as directory/file deletion, file upload, file download, and directory creation.

    9. Command Audit: Choose whether to log executed commands on this server (Default = On).

  5. Once you have configured the policies, click the Save Changes button at the top right corner to apply the settings.

Related Topics

Back to Server Access Policies

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close