Differences

This shows you the differences between two versions of the page.

--- ftp-install [2020/10/21 23:30] – gwsadmin
+++ ftp-install [2020/12/04 10:50] – gwsadmin
@@ Line 1: / Line 1: @@
 ====== How to install an FTP Server ======
-======   ======
+  * Install vsftpd
-====== Coming Soon ======
+<code language-bash>
+sudo apt update && sudo apt install vsftpd
+</code>
+  * Once installed check status
+<code pre-only>
+vsftpd.service - vsftpd FTP server
+     Loaded: loaded (/lib/systemd/system/vsftpd.service; enabled; vendor preset: enabled)
+     Active: active (running) since Mon 2020-04-27 19:35:30 IST; 13s ago
+   Main PID: 54532 (vsftpd)
+      Tasks: 1 (limit: 1137)
+     Memory: 652.0K
+     CGroup: /system.slice/vsftpd.service
+             └─54532 /usr/sbin/vsftpd /etc/vsftpd.conf
+Apr 27 19:35:30 ubuntu systemd[1]: Starting vsftpd FTP server...
+Apr 27 19:35:30 ubuntu systemd[1]: Started vsftpd FTP server.'
+</code>
+  * Configure Firewall
+<code language-bash>
+sudo ufw allow 20/tcp
+sudo ufw allow 40000:50000/tcp
+sudo ufw allow 40000:50000/tcp
+sudo ufw allow 990/tcp
+</code>
+  * Add FTP user
+<code language-bash>
+sudo adduser ftpuser
+</code>
+  * Add the user to the webserver root directory
+<code language-bash>
+sudo usermod -d /var/www ftpuser
+</code>
+  * Allow ftp user to write and alter documents in the web directory
+<code language-bash>
+sudo chown ftpuser:ftpuser /var/www/html
+</code>
+==== Configure vsftpd ====
+  * Rename config file
+<code language-bash>
+sudo mv /etc/vsftpd.conf /etc/vsftpd.conf.bak
+</code>
+  * Create a new config file
+<code language-bash>
+sudo nano /etc/vsftpd.conf
+</code>
+  * Paste in the following
+<code bash>
+listen=NO
+listen_ipv6=YES
+anonymous_enable=NO
+local_enable=YES
+write_enable=YES
+local_umask=022
+dirmessage_enable=YES
+use_localtime=YES
+xferlog_enable=YES
+connect_from_port_20=YES
+chroot_local_user=YES
+secure_chroot_dir=/var/run/vsftpd/empty
+pam_service_name=vsftpd
+force_dot_files=YES
+pasv_min_port=40000
+pasv_max_port=50000
+allow_writeable_chroot=YES
+</code>
+  * Save the file
+  * Restart vsftpd
+<code language-bash>
+sudo systemctl restart vsftpd
+</code>
+Now, if this was purely to just upload files we can stop here, however, normally you want to FTP a site that is for the web, so we need to be able to have the FTP user/group work in tandem with the www-data user/group.
+So, here is what is needed:
+  * Create a new group (www-pub) and add the users to that group
+<code bash>
+sudo groupadd www-pub
+</code>
+  * Add FTP user AND www-data to the group
+<code bash>
+usermod -a -G www-pub ftpuser
+usermod -a -G www-pub www-data
+</code>
+  * Check that the users are part of all groups
+<code bash>
+sudo groups ftpuser
+sudo groups www-data
+</code>
+  * Change ownership of everything under the web directory
+<code bash>
+sudo chown -R root:www-pub /where/your/web/directory/is
+</code>
+  * Then change the permissions (or certain web sites won't work - such as NextCloud or WHMCS)
+<code bash>
+sudo chmod 2775 /where/your/web/directory/is
+</code>
+  * In detail, this is what each number is doing://2=set group id, 7=rwx for owner (root), 7=rwx for group (www-pub), 5=rx for world (including nginx www-data user)//
+**Then you should be able to FTP to a site without changing permissions all over the place!**

User Tools

Site Tools

Differences

Page Tools