User Tools

Site Tools

Trace:
ftp-install

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Last revisionBoth sides next revision
ftp-install [2020/10/26 15:58] gwsadminftp-install [2020/12/04 10:50] gwsadmin
Line 1: Line 1:
 ====== How to install an FTP Server ====== ====== How to install an FTP Server ======
  
-Install vsftpd+  * Install vsftpd
  
 <code language-bash> <code language-bash>
-'sudo apt update && sudo apt install vsftpd+sudo apt update && sudo apt install vsftpd
  
  
 </code> </code>
  
-Once installed check status+  * Once installed check status
  
 <code pre-only> <code pre-only>
Line 27: Line 27:
 </code> </code>
  
-Congigue Firewall+  * Configure Firewall
  
 <code language-bash> <code language-bash>
Line 38: Line 38:
 </code> </code>
  
-Add FTP user+  * Add FTP user
  
 <code language-bash> <code language-bash>
-''sudo adduser ftpuser''+sudo adduser ftpuser
  
  
 </code> </code>
  
-Add the user to the web server root directory+  * Add the user to the webserver root directory
  
 <code language-bash> <code language-bash>
-''sudo usermod -d /var/www ftpuser''+sudo usermod -d /var/www ftpuser
  
  
 </code> </code>
  
-Allow ftp user to write and alter documents in web directory+  * Allow ftp user to write and alter documents in the web directory
  
 <code language-bash> <code language-bash>
-''sudo chown ftpuser:ftpuser /var/www/html''+sudo chown ftpuser:ftpuser /var/www/html
  
  
 </code> </code>
 +
 +==== Configure vsftpd ====
 +
 +  * Rename config file
 +
 +<code language-bash>
 +sudo mv /etc/vsftpd.conf /etc/vsftpd.conf.bak
 +
 +
 +</code>
 +
 +  * Create a new config file
 +
 +<code language-bash>
 +sudo nano /etc/vsftpd.conf
 +
 +
 +</code>
 +
 +  * Paste in the following
 +
 +<code bash>
 +listen=NO
 +listen_ipv6=YES
 +anonymous_enable=NO
 +local_enable=YES
 +write_enable=YES
 +local_umask=022
 +dirmessage_enable=YES
 +use_localtime=YES
 +xferlog_enable=YES
 +connect_from_port_20=YES
 +chroot_local_user=YES
 +secure_chroot_dir=/var/run/vsftpd/empty
 +pam_service_name=vsftpd
 +force_dot_files=YES
 +pasv_min_port=40000
 +pasv_max_port=50000
 +allow_writeable_chroot=YES
 +
 +</code>
 +
 +  * Save the file
 +  * Restart vsftpd
 +
 +<code language-bash>
 +sudo systemctl restart vsftpd
 +
 +
 +</code>
 +
 +Now, if this was purely to just upload files we can stop here, however, normally you want to FTP a site that is for the web, so we need to be able to have the FTP user/group work in tandem with the www-data user/group.
 +
 +So, here is what is needed:
 +
 +  * Create a new group (www-pub) and add the users to that group
 +
 +<code bash>
 +sudo groupadd www-pub
 +
 +
 +</code>
 +
 +  * Add FTP user AND www-data to the group
 +
 +<code bash>
 +usermod -a -G www-pub ftpuser
 +
 +usermod -a -G www-pub www-data
 +
 +
 +</code>
 +
 +  * Check that the users are part of all groups
 +
 +<code bash>
 +sudo groups ftpuser
 +
 +sudo groups www-data
 +
 +
 +</code>
 +
 +  * Change ownership of everything under the web directory
 +
 +<code bash>
 +sudo chown -R root:www-pub /where/your/web/directory/is
 +
 +
 +</code>
 +
 +  * Then change the permissions (or certain web sites won't work - such as NextCloud or WHMCS)
 +
 +<code bash>
 +sudo chmod 2775 /where/your/web/directory/is
 +
 +
 +</code>
 +
 +  * In detail, this is what each number is doing://2=set group id, 7=rwx for owner (root), 7=rwx for group (www-pub), 5=rx for world (including nginx www-data user)//
 +
 +**Then you should be able to FTP to a site without changing permissions all over the place!**
  
  
ftp-install.txt · Last modified: 2023/05/17 22:52 by 127.0.0.1

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: GNU Free Documentation License 1.3
GNU Free Documentation License 1.3 Valid HTML5 Valid CSS Driven by DokuWiki