User Tools

Site Tools

Trace:
ftp-install

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
ftp-install [2020/10/26 15:58] gwsadminftp-install [2023/05/17 22:52] (current) – external edit 127.0.0.1
Line 1: Line 1:
 ====== How to install an FTP Server ====== ====== How to install an FTP Server ======
  
-Install vsftpd+  * Install vsftpd
  
 <code language-bash> <code language-bash>
-'sudo apt update && sudo apt install vsftpd+sudo apt update && sudo apt install vsftpd
  
  
 </code> </code>
  
-Once installed check status+  * Once installed check status
  
 <code pre-only> <code pre-only>
Line 27: Line 27:
 </code> </code>
  
-Congigue Firewall+  * Configure Firewall
  
 <code language-bash> <code language-bash>
Line 38: Line 38:
 </code> </code>
  
-Add FTP user+  * Add FTP user
  
 <code language-bash> <code language-bash>
-''sudo adduser ftpuser''+sudo adduser ftpuser
  
  
 </code> </code>
  
-Add the user to the web server root directory+  * Add the user to the webserver root directory
  
 <code language-bash> <code language-bash>
-''sudo usermod -d /var/www ftpuser''+sudo usermod -d /var/www ftpuser
  
  
 </code> </code>
  
-Allow ftp user to write and alter documents in web directory+  * Allow ftp user to write and alter documents in the web directory
  
 <code language-bash> <code language-bash>
-''sudo chown ftpuser:ftpuser /var/www/html''+sudo chown ftpuser:ftpuser /var/www/html
  
  
 </code> </code>
 +
 +==== Configure vsftpd ====
 +
 +  * Rename config file
 +
 +<code language-bash>
 +sudo mv /etc/vsftpd.conf /etc/vsftpd.conf.bak
 +
 +
 +</code>
 +
 +  * Create a new config file
 +
 +<code language-bash>
 +sudo nano /etc/vsftpd.conf
 +
 +
 +</code>
 +
 +  * Paste in the following
 +
 +<code bash>
 +listen=NO
 +listen_ipv6=YES
 +anonymous_enable=NO
 +local_enable=YES
 +write_enable=YES
 +local_umask=022
 +dirmessage_enable=YES
 +use_localtime=YES
 +xferlog_enable=YES
 +connect_from_port_20=YES
 +chroot_local_user=YES
 +secure_chroot_dir=/var/run/vsftpd/empty
 +pam_service_name=vsftpd
 +force_dot_files=YES
 +pasv_min_port=40000
 +pasv_max_port=50000
 +allow_writeable_chroot=YES
 +
 +</code>
 +
 +  * Save the file
 +  * Restart vsftpd
 +
 +<code language-bash>
 +sudo systemctl restart vsftpd
 +
 +
 +</code>
 +
 +Now, if this was purely to just upload files we can stop here, however, normally you want to FTP a site that is for the web, so we need to be able to have the FTP user/group work in tandem with the www-data user/group.
 +
 +So, here is what is needed:
 +
 +  * Create a new group (www-pub) and add the users to that group
 +
 +<code bash>
 +sudo groupadd www-pub
 +
 +
 +</code>
 +
 +  * Add FTP user AND www-data to the group
 +
 +<code bash>
 +usermod -a -G www-pub ftpuser
 +
 +usermod -a -G www-pub www-data
 +
 +
 +</code>
 +
 +  * Check that the users are part of all groups
 +
 +<code bash>
 +sudo groups ftpuser
 +
 +sudo groups www-data
 +
 +
 +</code>
 +
 +  * Change ownership of everything under the web directory
 +
 +<code bash>
 +sudo chown -R root:www-pub /where/your/web/directory/is
 +
 +
 +</code>
 +
 +  * Then change the permissions (or certain web sites won't work - such as NextCloud or WHMCS)
 +
 +<code bash>
 +sudo chmod 2775 /where/your/web/directory/is
 +
 +
 +</code>
 +
 +  * In detail, this is what each number is doing://2=set group id, 7=rwx for owner (root), 7=rwx for group (www-pub), 5=rx for world (including nginx www-data user)//
 +
 +**Then you should be able to FTP to a site without changing permissions all over the place!**
  
  
ftp-install.1603727926.txt.gz · Last modified: 2023/05/17 22:52 (external edit)

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: GNU Free Documentation License 1.3
GNU Free Documentation License 1.3 Valid HTML5 Valid CSS Driven by DokuWiki