Home arrow Site Administration arrow Page 7 - Professional File Transfer with proFTPD

Giving Back - Administration

Need to set up an FTP server on your network to simplify file transfer between users or hosts? Look no further than the robust, secure and very free proFTPD server, which has everything you need to get up and running in a jiffy. This article covers installing and configuring proFTPD for both regular and anonymous FTP, and also explains how to customize the operation of the server for different requirements.

TABLE OF CONTENTS:
  1. Professional File Transfer with proFTPD
  2. The Sales Pitch
  3. Source Control
  4. Start Me Up
  5. Going Home
  6. Signed, Anonymous
  7. Giving Back
  8. Timberrrrrrrrr!
  9. Getting Virtual
  10. Passing Messages
  11. Ending On A High Note
By: Vikram Vaswani, (c) Melonfire
Rating: starstarstarstarstar / 26
May 14, 2003

print this article
SEARCH DEV SHED

TOOLS YOU CAN USE

advertisement
By default, only users with real accounts on the system are allowed to upload files to the FTP server - and even they are limited to uploads in their home area. Anonymous users, as demonstrated on the previous page, do not have the ability to upload files to the server. This is a fairly reasonable safety precaution if your server is exposed to the public Internet, because you never know what malicious files might be uploaded to your server; however, if your FTP server is running on a closed network, you might want to enable file upload for anonymous users also (perhaps to enable file sharing between users at different locations).

In order to do this, you should update the <Anonymous>...</Anonymous> block to look like this:
# set root directory for anonymous users to /home/ftp
<Anonymous/home/ftp>
# set the user and group for the server process
User ftp
Group ftp
# alias "anonymous" login to "ftp"
UserAlias anonymous ftp
# restrict "anonymous" users from writing data
<Directory *>
<Limit WRITE>
DenyAll
</Limit>
</Directory>
# allow writes to the /home/ftp/incoming directory
# but do not allow reads
<Directory incoming>
<Limit READ WRITE>
DenyAll
</Limit>
<Limit STOR>
AllowAll
</Limit>
</Directory>
</Anonymous>
In case you haven't yet figured it out, the <Limit>...</Limit> block places restrictions on the commands that can be executed by a user, with the AllowAll and DenyAll directives specifying whether all clients can or cannot use those commands. For finer-grained control, proFTPD also provides the Allow and Deny directives, which permit you to set allow/deny rules on the basis of host or network name, rather than globally for all clients.

Now, create a directory in "/home/ftp" named "incoming", restart the server and try uploading a file anonymously into that directory:
$ ftp localhost
Connected to localhost(192.168.3.1).
220 ProFTPD 1.2.8 Server (ProFTPD) [olympus.melonfire.com] Name 
(localhost:joe): ftp 331 Anonymous login ok, send your complete email 
address as your password.
Password: *******
230 Anonymous access granted, restrictions apply.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
227 Entering Passive Mode (192,168,3,1,4,239).
150 Opening ASCII mode data connection for file list
drwxr-xr-x   2 ftp      ftp          4096 May  7 08:41 incoming
drwxr-xr-x   3 ftp      ftp          4096 Apr 28 06:45 pub
226 Transfer complete.
ftp> cd incoming
250 CWD command successful.
ftp> ls -l
227 Entering Passive Mode (192,168,3,1,4,227).
150 Opening ASCII mode data connection for file list
226 Transfer complete.
ftp> put mbox
local: mbox remote: mbox
227 Entering Passive Mode (192,168,3,1,4,231).
150 Opening BINARY mode data connection for mbox
226 Transfer complete.
9144 bytes sent in 0.00124 secs (7.2e+03 Kbytes/sec)
ftp> ls
227 Entering Passive Mode (192,168,3,1,4,235).
150 Opening ASCII mode data connection for file list
-rw-r--r--   1 ftp      ftp          9144 May  7 08:41 mbox
226 Transfer complete.
ftp> put mbox
local: mbox remote: mbox
227 Entering Passive Mode (192,168,3,1,4,237).
550 mbox: Overwrite permission denied
ftp> cd /
250 CWD command successful.
ftp> put mbox
local: mbox remote: mbox
227 Entering Passive Mode (192,168,3,1,4,233).
550 mbox: Permission denied
ftp> bye
221 Goodbye.
As you can see, proFTPD now permits uploads, but only into the "incoming" directory; uploads to any location elsewhere in the anonymous FTP area will fail. Additionally, anonymous users cannot download files from the "incoming" directory.

In case you'd like a slightly greater level of security for your anonymous FTP server, you can force anonymous users to provide an actual password to gain entry, rather than the default anything-goes email address. In order to enable this, simply add the
AnonRequirePassword on
line inside the <Anonymous>...</Anonymous> block of your configuration file, and proFTPD will only allow anonymous access to users who enter the system password for the "ftp" user.

 
 
>>> More Site Administration Articles          >>> More By Vikram Vaswani, (c) Melonfire
 

blog comments powered by Disqus
escort Bursa Bursa escort Antalya eskort
   

SITE ADMINISTRATION ARTICLES

- Coding: Not Just for Developers
- To Support or Not Support IE?
- Administration: Networking OSX and Win 7
- DotNetNuke Gets Social
- Integrating MailChimp with Joomla: Creating ...
- Integrating MailChimp with Joomla: List Mana...
- Integrating MailChimp with Joomla: Building ...
- Integrating MailChimp with Joomla
- More Top WordPress Plugins for Social Media
- Optimizing Security: SSH Public Key Authenti...
- Patches and Rejects in Software Configuratio...
- Configuring a CVS Server
- Managing Code and Teams for Cross-Platform S...
- Software Configuration Management
- Back Up a Joomla Site with Akeeba Backup

Developer Shed Affiliates

 


Dev Shed Tutorial Topics: