FTP Server Configuration

FTP Server Configuration

Most common FTP server configuration is an anonymous-only FTP server that only allows the anonymous client to download files, and disables all local users and uploads. In order to configure this, some changes will need to be made to the vsftpd configuration.

An FTP deployment best practice is to turn off local user access. When users authenticate to transfer files to /from a system with FTP, their account names and passwords are vulnerable to an eavesdropping attacker. (If secure file transfer is needed by users, the rsync command over SSH, or the SFTP service provided by sshd are better choices.) Anonymous FTP by its nature is public, and files provided through anonymous FTP are assumed to be public and not sensitive.

The vsftpd configuration file is found in  /etc/vsftpd/vsftpd.conf and the document root is found in /var/ftp/. When you make changes to the FTP server, do not forget to restart the service.

Make user you understand the following options:

Anonymous_enable=YES: enables the anonymous ftp server

Local_enable=NO: disable all non-anonymous local user accounts

Write_enable=NO: disable any user from uploading files to the FTP server

--- Cheers !!!