FTP blocking (1 Viewer)

H

Harris@Z

Registered User.
Local time
Today, 15:37
Joined
Oct 28, 2019
Messages
73
Hi, I am struggling to resolve this, and may not be resolvable because of firewall security?

I trigger this FTP code to upload a PDF file which has just been generated to my website.
If I deactivate my virus protection software, works fine. If not, is blocked.

Any suggestions whether there is a way around this with coding?

Thanks!

Code: 
Option Compare Database
Private Const FTP_TRANSFER_TYPE_UNKNOWN     As Long = 0
Private Const INTERNET_FLAG_RELOAD          As Long = &H80000000

Private Declare PtrSafe Function InternetOpenA Lib "wininet.dll" ( _
    ByVal sAgent As String, _
    ByVal lAccessType As Long, _
    ByVal sProxyName As String, _
    ByVal sProxyBypass As String, _
    ByVal lFlags As Long) As LongPtr

Private Declare PtrSafe Function InternetConnectA Lib "wininet.dll" ( _
    ByVal hInternetSession As LongPtr, _
    ByVal sServerName As String, _
    ByVal nServerPort As Long, _
    ByVal sUsername As String, _
    ByVal sPassword As String, _
    ByVal lService As Long, _
    ByVal lFlags As Long, _
    ByVal lcontext As Long) As LongPtr

Private Declare PtrSafe Function FtpGetFileA Lib "wininet.dll" ( _
    ByVal hconnect As LongPtr, _
    ByVal lpszRemoteFile As String, _
    ByVal lpszNewFile As String, _
    ByVal fFailIfExists As Long, _
    ByVal dwFlagsAndAttributes As Long, _
    ByVal dwFlags As Long, _
    ByVal dwContext As Long) As LongPtr
    
Private Declare PtrSafe Function FtpPutFileA _
   Lib "wininet.dll" _
 _
       (ByVal hFtpSession As LongPtr, _
        ByVal lpszLocalFile As String, _
        ByVal lpszRemoteFile As String, _
        ByVal dwFlags As Long, _
        ByVal dwContext As Long) As LongPtr

Private Declare PtrSafe Function InternetCloseHandle Lib "wininet" ( _
    ByVal hInet As LongPtr) As LongPtr

'WORKING IF ALLOWED VIA FIREWALL!!!
Sub FtpDownload(ByVal strRemoteFile As String, ByVal strLocalFile As String, ByVal strHost As String, ByVal lngPort As Long, ByVal strUser As String, ByVal strPass As String)
    Dim hOpen   As LongPtr
    Dim hConn   As LongPtr

    hOpen = InternetOpenA("FTPGET", 1, vbNullString, vbNullString, 1)
    hConn = InternetConnectA(hOpen, strHost, lngPort, strUser, strPass, 1, 0, 2)

    If FtpGetFileA(hConn, strRemoteFile, strLocalFile, 1, 0, FTP_TRANSFER_TYPE_UNKNOWN Or INTERNET_FLAG_RELOAD, 0) Then
        Debug.Print "Success"
    Else
        Debug.Print "Fail"
    End If

    'Close connections
    InternetCloseHandle hConn
    InternetCloseHandle hOpen
End Sub
Sub FtpUpload(ByVal strLocalFile As String, ByVal strRemoteFile As String, ByVal strHost As String, ByVal lngPort As Long, ByVal strUser As String, ByVal strPass As String)
    Dim hOpen   As LongPtr
    Dim hConn   As LongPtr
 
    hOpen = InternetOpenA("FTPGET", 1, vbNullString, vbNullString, 1)
    hConn = InternetConnectA(hOpen, strHost, lngPort, strUser, strPass, 1, 0, 2)
 
    If FtpPutFileA(hConn, strLocalFile, strRemoteFile, FTP_TRANSFER_TYPE_UNKNOWN Or INTERNET_FLAG_RELOAD, 0) Then
        Debug.Print "Success"
    Else
        Debug.Print "Fail"
        MsgBox "Is Antivirus Firewall blocking this code?"
    End If
 
    'Close connections
    InternetCloseHandle hConn
    InternetCloseHandle hOpen
 
End Sub

Function Upload_PDF(SaveDir As String, pdfname As String)

FtpUpload SaveDir & pdfname, "/xxxx.com/public_html/Reports/" & pdfname, _
            "11.111.11.111", 21, "xxxx@xxxx.com", "xxxxxx"

End Function
 
S

sonic8

AWF VIP
Local time
Today, 14:37
Joined
Oct 27, 2015
Messages
998
Harris@Z said:
I trigger this FTP code to upload a PDF file which has just been generated to my website.
If I deactivate my virus protection software, works fine. If not, is blocked.

Any suggestions whether there is a way around this with coding?
Click to expand...
May I rephrase this for you?

"I want to leave my house but the door is locked. If I unlock the door I can leave without problem but if the door is locked I can't."

So, what kind of Solution do you want to achieve here "with coding"?

Do you want to turn of your firewall with code?
Do you want to exploit a security vulnerability in your firewall to circumvent the blocking of those connections?
Do you want to find an entirely different way to upload files to your website?

IMO, the easiest solution would be to add a rule to the firewall to allow your FTP upload.
 
P

PeterF

Registered User.
Local time
Today, 14:37
Joined
Jun 6, 2006
Messages
295
I think your problem will be the fact that the time the virus scanner takes to scan the file is longer than te timeout for the ftp connection.
Don't know if it's possible to increase the timeout in the wininet.dll connection.
 
H

Harris@Z

Registered User.
Local time
Today, 15:37
Joined
Oct 28, 2019
Messages
73
Thanks for both your inputs.
  1. I have no experience with this, so I was wondering whether someone has found a way to deal with this, possibly "unlock the door", then "lock" after sending.
  2. I have been struggling with working out what rule to add to the firewall - seems like it wants to know what program it needs to add and will not accept an Access database.
  3. I do not think the problem is the virus scanner scanning the document
I am aware that one can get around this by activating a bat file to activate ftp software that will update, but that seems a solution if I cannot find an easier one.

I was hoping someone has resolved this before, so I can learn from more experienced coders - which I am not.
 
S

sonic8

AWF VIP
Local time
Today, 14:37
Joined
Oct 27, 2015
Messages
998
Harris@Z said:
I have no experience with this, so I was wondering whether someone has found a way to deal with this, possibly "unlock the door", then "lock" after sending.
Click to expand...
The problem here is that it is a security issue. If anyone can easily "unlock the door" there is no point in locking the door in the first place.

Protection software makes it deliberately hard to deactivate it or add exceptions by any sort of automation. That is exactly what actual malware would also try. If it would be easily possible, you wouldn't need the security software at all.

Harris@Z said:
I have been struggling with working out what rule to add to the firewall - seems like it wants to know what program it needs to add and will not accept an Access database.
Click to expand...
An Access database is just a dumb file doing nothing on its own. Only when it is loaded into Microsoft Access and ran there, it can do anything useful.
So, if you want to bypass the firewall with your Access application, you must add an exception for the MSAccess.exe process to your firewall. This implies that every Access database file may run code in Access to connect through your firewall. If you only want to connect to one single IP address or domain name, then add a very specific exception for this scenario to your firewall.

Harris@Z said:
I am aware that one can get around this by activating a bat file to activate ftp software that will update, but that seems a solution if I cannot find an easier one.
Click to expand...
No, you can't! Connections of FTP Software will all the same be blocked by your firewall, unless you add an exception to your firewall to allow this specific software to make FTP connections.
 
H

Harris@Z

Registered User.
Local time
Today, 15:37
Joined
Oct 28, 2019
Messages
73
Hi sonic8,
Fantastic advice, so much I have learnt.
I always learn a great deal from Access-Programmers!

This in particular is very useful and I will try this: "If you only want to connect to one single IP address or domain name, then add a very specific exception for this scenario to your firewall."

Much thanks!

Regards,
Harris
 
J

JaimeHeller

New member
Local time
Today, 18:07
Joined
Oct 26, 2023
Messages
1
sonic8 said:
The problem here is that it is a security issue. If anyone can easily "unlock the door" there is no point in locking the door in the first place.

Protection software makes it deliberately hard to deactivate it or add exceptions by any sort of automation. That is exactly what actual malware would also try. If it would be easily possible, you wouldn't need the security software at all.


An Access database is just a dumb file doing nothing on its own. Only when it is loaded into Microsoft Access and ran there, it can do anything useful.
So, if you want to bypass the firewall with your Access application, you must add an exception for the MSAccess.exe process to your firewall. This implies that every Access database file may run code in Access to connect through your firewall. If you only want to connect to one single IP address or domain name, then add a very specific exception for this scenario to your firewall.


No, you can't! Connections of FTP Software will all the same be blocked by your firewall, unless you add an exception to your firewall to allow this specific software to make FTP connections.
Click to expand...
Thanks for the advice, I appreciate you :)
 
You must log in or register to reply here.

Similar threads

H
FTP to Upload documents
Replies
7
Views
649
Harris@Z
H
Gasman
Sorting Addresses etc
Replies
13
Views
413
ebs17
E
S
Solved MS Access Navigationform moveable
Replies
1
Views
300
isladogs
isladogs
S
Solved Save Screenshot to Table
Replies
13
Views
274
Spalle
S
N
Solved How to get a socketID (data type long) from an Ip address & Port number
Replies
16
Views
602
nector
N

Users who are viewing this thread

Total: 1 (members: 0, guests: 1)
Top Bottom