Differences

This shows you the differences between two versions of the page.

--- ftp-install [2020/10/26 16:04] – gwsadmin
+++ ftp-install [2020/12/04 10:50] – gwsadmin
@@ Line 4: / Line 4: @@
 <code language-bash>
-'sudo apt update && sudo apt install vsftpd
+sudo apt update && sudo apt install vsftpd
 </code>
   * Once installed check status
@@ Line 21: / Line 23: @@
 Apr 27 19:35:30 ubuntu systemd[1]: Starting vsftpd FTP server...
 Apr 27 19:35:30 ubuntu systemd[1]: Started vsftpd FTP server.'
 </code>
   * Configure Firewall
@@ Line 30: / Line 34: @@
 sudo ufw allow 40000:50000/tcp
 sudo ufw allow 990/tcp
 </code>
   * Add FTP user
 <code language-bash>
 sudo adduser ftpuser
 </code>
   * Add the user to the webserver root directory
 <code language-bash>
 sudo usermod -d /var/www ftpuser
 </code>
   * Allow ftp user to write and alter documents in the web directory
 <code language-bash>
 sudo chown ftpuser:ftpuser /var/www/html
 </code>
 ==== Configure vsftpd ====
@@ Line 56: / Line 68: @@
 <code language-bash>
 sudo mv /etc/vsftpd.conf /etc/vsftpd.conf.bak
 </code>
   * Create a new config file
 <code language-bash>
 sudo nano /etc/vsftpd.conf
 </code>
   * Paste in the following
-<code pre-only>
+<code bash>
-'listen=NO
+listen=NO
 listen_ipv6=YES
 anonymous_enable=NO
@@ Line 83: / Line 99: @@
 pasv_min_port=40000
 pasv_max_port=50000
+allow_writeable_chroot=YES
 </code>
   * Save the file
   * Restart vsftpd
-<code  language-bash>
+<code language-bash>
-''sudo systemctl restart vsftpd''
+sudo systemctl restart vsftpd
 </code>
+Now, if this was purely to just upload files we can stop here, however, normally you want to FTP a site that is for the web, so we need to be able to have the FTP user/group work in tandem with the www-data user/group.
+So, here is what is needed:
+  * Create a new group (www-pub) and add the users to that group
+<code bash>
+sudo groupadd www-pub
+</code>
+  * Add FTP user AND www-data to the group
+<code bash>
+usermod -a -G www-pub ftpuser
+usermod -a -G www-pub www-data
+</code>
+  * Check that the users are part of all groups
+<code bash>
+sudo groups ftpuser
+sudo groups www-data
+</code>
+  * Change ownership of everything under the web directory
+<code bash>
+sudo chown -R root:www-pub /where/your/web/directory/is
+</code>
+  * Then change the permissions (or certain web sites won't work - such as NextCloud or WHMCS)
+<code bash>
+sudo chmod 2775 /where/your/web/directory/is
+</code>
+  * In detail, this is what each number is doing://2=set group id, 7=rwx for owner (root), 7=rwx for group (www-pub), 5=rx for world (including nginx www-data user)//
+**Then you should be able to FTP to a site without changing permissions all over the place!**

User Tools

Site Tools

Differences

Page Tools