Categories

Dedicated Servers
4
Networking & IP Addresses
4
VPS Hosting
4

  Categories

  Support

My Support Tickets
Announcements
Knowledgebase
Downloads
Network Status
Open Ticket

FTP Server Configuration (Pure-FTPd, vsftpd, FileZilla Server) Print

  • 0

FTP (File Transfer Protocol) allows you to transfer files to and from your server. This guide covers the setup of popular FTP servers: Pure-FTPd and vsftpd for Linux, and FileZilla Server for Windows.

  1. Introduction
    • FTP is a standard network protocol used for transferring computer files between a client and a server on a computer network.
    • Important Security Note: Standard FTP transmits data, including passwords, in plain text. For secure file transfers, SFTP (SSH File Transfer Protocol, built into SSH) or FTPS (FTP over SSL/TLS) are highly recommended alternatives. Consider using SFTP as your primary method if SSH is available.
  2. vsftpd (Very Secure FTP Daemon) - Linux
    • Installation:
      • Ubuntu/Debian:sudo apt updatesudo apt install vsftpd
      • CentOS:sudo yum install vsftpd
    • Basic Configuration (/etc/vsftpd.conf):
      • Open the configuration file with a text editor (sudo nano /etc/vsftpd.conf).
      • Ensure the following settings (uncomment/change as needed):anonymous_enable=NO # Disable anonymous FTP for securitylocal_enable=YES # Allow local system users to log inwrite_enable=YES # Allow write commands (upload/delete)chroot_local_user=YES # Confine local users to their home directories (stronger security)pasv_enable=YES # Enable passive mode (often needed for clients behind NAT)pasv_min_port=40000 # Define a range for passive data ports (choose your own range)pasv_max_port=40005 # This range needs to be open in your firewall!
      • Save and exit the file.
    • Restart Service:sudo systemctl restart vsftpdsudo systemctl enable vsftpd # Ensure it starts on boot
    • Firewall Rules:
      • Open ports 20 (FTP Data) and 21 (FTP Control) for TCP.
      • Open the passive port range you defined (e.g., 40000-40005).
      • UFW (Ubuntu):sudo ufw allow 20/tcpsudo ufw allow 21/tcpsudo ufw allow 40000:40005/tcpsudo ufw reload
      • FirewallD (CentOS):sudo firewall-cmd --permanent --add-service=ftp # This opens 20, 21sudo firewall-cmd --permanent --add-port=40000-40005/tcpsudo firewall-cmd --reload
  3. Pure-FTPd - Linux
    • Installation:
      • Ubuntu/Debian:sudo apt updatesudo apt install pure-ftpd
      • CentOS: (Often requires EPEL repository)sudo yum install epel-releasesudo yum install pure-ftpd
    • Basic Configuration (Virtual Users Recommended):
      • Pure-FTPd often uses virtual users stored in a database, which can be mapped to a system user with limited privileges.
      • Example to create a virtual FTP user myftpuser mapped to a system user ftpuser with home directory /var/www/html/mysite:sudo adduser --no-create-home --shell /bin/false ftpusersudo pure-pw useradd myftpuser -u ftpuser -d /var/www/html/mysite -msudo pure-ftpd-wrapper
      • Configure passive port range: Edit /etc/pure-ftpd/pure-ftpd.conf (or similar) to set PassivePortRange (e.g., 30000 30005).
    • Restart Service:sudo systemctl restart pure-ftpdsudo systemctl enable pure-ftpd
    • Firewall Rules: Similar to vsftpd, open ports 20, 21, and your passive port range.
  4. FileZilla Server - Windows Server
    • Installation:
      • Download the FileZilla Server installer from the official FileZilla website.
      • Run the installer and follow the on-screen instructions. Install the "Server" component.
    • Configuration (FileZilla Server Interface):
      • Launch "FileZilla Server Interface" (from Start Menu).
      • Users: Go to "Edit" -> "Users". Click "Add" to create a new user.
        • Set a password for the user.
        • Under "Shared Folders", click "Add" to specify the user's home directory and set permissions (Read, Write, Delete, Append).
      • Passive Mode Settings: Go to "Edit" -> "Settings" -> "Passive mode settings".
        • Check "Use custom port range" and define your range (e.g., 50000-50010).
        • Check "Use custom host address" and enter your server's public IP address if it's behind NAT.
    • Windows Firewall:
      • Open Windows Firewall with Advanced Security (via Server Manager -> Tools).
      • Create Inbound Rules:
        • Rule for Port 21 (TCP): Allows FTP control connections.
        • Rule for your Passive Port Range (TCP): Allows FTP data connections (e.g., 50000-50010).
        • Optionally, a rule to allow the filezilla-server.exe program.
  5. Security Considerations for FTP:
    • Always prefer SFTP or FTPS:
      • SFTP: If you have SSH access to your Linux server, SFTP is already available on port 22 and encrypts all data. Use an SFTP client (like FileZilla Client) to connect using SSH credentials.
      • FTPS: For vsftpd or Pure-FTPd, you can configure FTPS by generating SSL/TLS certificates. This encrypts the FTP connection.
    • Use strong, unique passwords for all FTP users.
    • Limit user access to only necessary directories.
    • Consider IP restrictions in your firewall or FTP server configuration if access is only needed from specific locations.
  6. Conclusion
    • Configuring an FTP server allows for easy file management. Prioritize secure protocols like SFTP or FTPS to protect your data during transfers.

Was this answer helpful?

Related Articles

Basic OS Configuration (Linux: CentOS, Ubuntu, Debian; Windows Server) This article guides you through the essential initial configurations for your Linux (CentOS,... Installing Web Servers (Apache, Nginx, IIS) This guide covers the installation of the most popular web servers: Apache, Nginx (for Linux),... Setting Up Databases (MySQL, PostgreSQL, MSSQL) Databases are essential for dynamic websites and applications, storing and managing critical...
« Back

Powered by WHMCompleteSolution

  Support

My Support Tickets
Announcements
Knowledgebase
Downloads
Network Status
Open Ticket