View
275
Download
0
Category
Preview:
Citation preview
8/11/2019 Install FTP Server on IIS Windows Server
1/12
Install FTP Server on IIS of Windows Server
FTP (File Transfer Protocol) allow clients to transfer/download/upload their files using FileTransfer Protocol. FTP is very useful for Shared Hosting Service providers, Internet Service
providers etc. to allow their clients to upload/download/transfer files through FTP. In Windows
Server 2008 R2 Microsoft FTP 7.5 is available as Role Service for Web Server (IIS 7.5). FTP
7.5is tightly integrated with Web Server (IIS 7.5). Before installing FTP make sure Web
Server (IIS)is installed, referInstall IIS on Windows Server 2008.In this article we are going to
see how to setup a shared FTP Server for allowing clients of a Shared Web Server to transfer
contents of their websites.
Install FTP for IIS 7.5 on Windows Server 2008 R2
Click Start>> Administrative Tools>> Server Manager. In the Server Manager hierarchypane expand Rolesand then click on Web Server (IIS).
Click on Add Role Serviceswhich will launch Select Role Serviceswindow as shown below.Select FTP Serviceand FTP Extensibilityservices from the list. Click Next.
http://gopalthorve.com/install-iis-windows-server-2008/http://gopalthorve.com/install-iis-windows-server-2008/http://gopalthorve.com/install-iis-windows-server-2008/http://gopalthorve.com/wp-content/uploads/2012/05/install-ftp-iis-7-5-server-manager.pnghttp://gopalthorve.com/install-iis-windows-server-2008/8/11/2019 Install FTP Server on IIS Windows Server
2/12
On Confirm Installation Selectionspage click Install.
On Installation Resultspage click Close to exit the Add Role Serviceswizard.
http://gopalthorve.com/wp-content/uploads/2012/05/install-ftp-iis-7-5-confirm-installation-selection.pnghttp://gopalthorve.com/wp-content/uploads/2012/05/install-ftp-iis-7-5-select-role-services.pnghttp://gopalthorve.com/wp-content/uploads/2012/05/install-ftp-iis-7-5-confirm-installation-selection.pnghttp://gopalthorve.com/wp-content/uploads/2012/05/install-ftp-iis-7-5-select-role-services.png8/11/2019 Install FTP Server on IIS Windows Server
3/12
Check Firewall Rules to Allow inbound FTP Traffic
After installation of FTP Server make sure that there are Inbound firewall rules in place to allowinbound FTP traffic. To check this follow below steps:
Click Start>> Administrative Tools>> Windows Firewall with Advanced Security and then
click on Inbound Rulesand check if three inbound firewall rules exists as highlighted in belowsnapshot.
1. FTP Server (FTP Traffic-In): This rule allows inbound traffic on TCP port 21 for FTP
Service.
2. FTP Server Passive (FTP Passive Traffic-In): This rule allows inbound traffic on TCPports greater than 1023 for FTP Service. This is required for FTP Service to work in
passive mode.
3. FTP Server Secure (FTP SSL Traffic-In): This rule allows inbound traffic on TCP port990 for FTP Service over SSL.
If these rules doesnt exists then create them.
http://gopalthorve.com/wp-content/uploads/2012/05/install-ftp-iis-7-5-installation-results.png8/11/2019 Install FTP Server on IIS Windows Server
4/12
Create a FTP Site using the FTP Site Wizard
We installed FTP for IIS 7.5 and also checked/created firewall rules to allow inbound traffic
necessary for serving FTP services. However without creating a FTP Site, the FTP Server
doesnt listen on port 21 and you can not connect to the FTP Server. Now we will create a
Default FTP Site.
Click Start>> Administrative Tools>> Internet Information Services (IIS) Manager.
Expand the Server from server hierarchy pane and then expand sites.
Right click on Sitesand then click on Add FTP Site
http://gopalthorve.com/wp-content/uploads/2012/05/install-ftp-iis-7-5-firewall-rules.png8/11/2019 Install FTP Server on IIS Windows Server
5/12
Add FTP Site: FTP Site Information
FTP site name: Enter the name of this FTP Site.
Physical path: Select the physical folder from where contents to FTP Users will be
served. This is called root of the FTP Server. I choose %systemdrive%\inetpub\ftproot.
Click Next.
http://gopalthorve.com/wp-content/uploads/2012/06/install-ftp-iis-7-5-site-information.pnghttp://gopalthorve.com/wp-content/uploads/2012/05/install-ftp-iis-7-5-create-ftp-site.pnghttp://gopalthorve.com/wp-content/uploads/2012/06/install-ftp-iis-7-5-site-information.pnghttp://gopalthorve.com/wp-content/uploads/2012/05/install-ftp-iis-7-5-create-ftp-site.png8/11/2019 Install FTP Server on IIS Windows Server
6/12
Add FTP Site: FTP Binding and SSL Settings
IP Address: Select IP address from the drop down list on which FTP Server will work.
Select All Unassigned to allow it to work on all IP addresses.
Port: Enter TCP port number on which this FTP Server will listen on. Default FTP port is
21. Enable Virtual Host Names: To bind a host name with this FTP site enable this option
and then specify host name e.g. ftp.gopalthorve.com.
Start FTP site automatically: Select this option to start this FTP site automatically.
SSL: SelectNo SSLoption. We will implement SSL feature some time later.
Click Next.
Add FTP Site: Authentication and Authorization Information
Authentication: Select Basic because we want to use Windows built-in authentication
method that requires users to provide valid Windows username and password to gainaccess to contents. Later we will configure FTP User isolation to restrict users to their
respected folders.
Allow access to: Select Specified roles or user groupsfrom the drop down list and thenenter the name of group which holds all FTP Users (as we discussed inLocal Users, localgroup and local security policies on Windows Server 2008). In my case the group is
FTPUsers.
Permissions: Select both Read and Write.
Click Finish to add the FTP Site.
http://gopalthorve.com/local-users-local-group-local-security-policies/http://gopalthorve.com/local-users-local-group-local-security-policies/http://gopalthorve.com/local-users-local-group-local-security-policies/http://gopalthorve.com/local-users-local-group-local-security-policies/http://gopalthorve.com/wp-content/uploads/2012/06/install-ftp-iis-7-5-binding-ssl-settings.pnghttp://gopalthorve.com/local-users-local-group-local-security-policies/http://gopalthorve.com/local-users-local-group-local-security-policies/8/11/2019 Install FTP Server on IIS Windows Server
7/12
8/11/2019 Install FTP Server on IIS Windows Server
8/12
Parent Directory (%systemdrive%\HostingSpaces)
The parent directory which will contain sub-folders for each customer. I created
%systemdrive%\HostingSpaces directory which will hold a sub-directories in it for each ofclient.
NTFS Permissions for this directory:
1. Remove inheritable permissions from parent on %systemdrive%\HostingSpacesdirectory.
2. Grant permissions to SYSTEM, Administrators on this object.
Clients Home Directory (client1, client2 etc.)
Each shared hosting customer will have its own directory created under the parent directory and
each directory must be named after Windows Local User account name created for that particular
customer. Initially I have two customers respectively client1 and client2 and hence I createdtwo directories client1 and client2 in parent directory (%systemdrive%\HostingSpaces), also
create two Windows Local User account client1 and client2 and add them to FTPUsers group as
discussed inLocal Users, local group and local security policies on Windows Server 2008.Eachclients home directory must be given read/write permissions to that specific customer user
account e.g. client1s home folder is client1 and it must be given read/write permissions to user
client1.
NTFS Permissions for these directories:
1. It must inherit permissions from its parent i.e. %systemdrive%\HostingSpaces
2.
Each client must be granted access to its directory i.e. client1 user account must haveModify, Read & Execute, List folder contents, Read, Write permissions on its homedirectory client1.
Content Directories
Client can upload anything to this directory. By default it contains clients hosted domains here
i.e. client1domain1.com, client1domain2.com etc., which will further hold website contents inwwwroot directory, data in data directory and logs in logs directory.
FTP User Isolation
The FTP Site we recently created (Default FTP Site) allows each client session to start in the root
directory of FTP Site i.e. %systemdrive%\inetpub\ftproot, because there is not FTP User
Isolation configured on this FTP Site so far. By default FTP Site is configured to Do not isolate
users. Start users in: FTP root directory which allows every ftp session to start in ftp root
directory of the FTP Site.
http://gopalthorve.com/local-users-local-group-local-security-policies/http://gopalthorve.com/local-users-local-group-local-security-policies/http://gopalthorve.com/local-users-local-group-local-security-policies/http://gopalthorve.com/local-users-local-group-local-security-policies/8/11/2019 Install FTP Server on IIS Windows Server
9/12
We want to configure FTP Site such that each customer account must have access to its own
folder only and each customers FTP session must start in its own home (root) folder named
after its username. Microsoft FTP support one such FTP User Isolation mode called Isolate
users. Restrict users to the following directory: User name directory (disable global virtual
directories). This mode requires us to createa folder named LocalUser under root of the FTP
Site (%systemdrive%\inetpub\ftproot\LocalUser) which will further contain customers homefolder (i.e. client1, client2 etc.). However I dont want to put customers folder in%systemdrive%\inetpub\ftproot\LocalUser folder instead I want to put all those folders in
%systemdrive%\HostingSpaces folder. To accomplish this we will need to create a Virtual
Directory called LocalUser under recently created FTP Site which will point to physical folder%systemdrive%\HostingSpaces folder. To create Virtual Directory follow below steps:
Create Virtual Directory
1. Start Internet Information Services (IIS) Manager. (Start >> Administrative Tools >>
Internet Information Services (IIS) Manager)
2.
Expand Sites3. Right click on Default FTP Site we created recently and then click Add Virtual
Directory4. Alias: Enter LocalUser in this text box, remember to type with exact case it must be
LocalUser with capital L and U.
5. Physical path: Select physical path where this virtual directory will point to i.e.
(%systemdrive%\HostingSpaces).
6. Click OK to create Virtual Directory.
Finally configuring FTP User Isolation
http://gopalthorve.com/wp-content/uploads/2012/06/setup-ftp-server-ftp-user-isolation-add-virtual-directory.png8/11/2019 Install FTP Server on IIS Windows Server
10/12
1. Start Internet Information Services (IIS) Manager. (Start >> Administrative Tools >>
Internet Information Services (IIS) Manager)
2. Expand Sites3. Click on Default FTP Site we recently created.
4. Double click FTP User Isolationin feature view window in the middle.
5.
In Isolate users. Restrict users to the following directory: section select User namedirectory (disable global directories) option.6. Click Apply button to save changes.
Testing FTP Server
We have successfully setup FTP Server and now its time to check if everything is working fine.We can check FTP Server connectivity either using ftp command or using any FTP Client like
FileZilla Client.
Testing FTP Server using ftp command:
1. Open Command Prompt
2. Type ftpat command prompt.3. Type o 192.168.0.98 on the ftp prompt. Use IP address on which your FTP Server is
configured to listen on. If All Unassigned is used you can use any IP address of your
system as well as you can also use localhost.4. Type FTP User name e.g. client1.
5. Type Password for the FTP User e.g. password for user client1.
6.
If everything works fine then you will get the response 230 User logged in.7. Type dir command and you will get directory listing of client1 home folder.8. Type cd client1domain1.com command and current working directory (CWD) changes
to client1domain1.com
9. Type pwd command to know the current working directory.10.Type put command to upload local file to FTP Server. When prompted for local file
name enter entire file name along with path. When prompted for remote file simply press
enter to upload file with same name or enter new name for file on FTP Server.
http://filezilla-project.org/http://filezilla-project.org/http://gopalthorve.com/wp-content/uploads/2012/06/setup-ftp-server-configure-ftp-user-isolation.pnghttp://filezilla-project.org/8/11/2019 Install FTP Server on IIS Windows Server
11/12
11.Type recv command to download file from FTP Server. When prompted for remote file
name enter name of the file to download and when prompted for Local file enter path
where you want to download the file.12.Type dele file_name command to delete file from FTP Server, replace file_name with
name of the file to be deleted.
13.
I have pasted a sample command session with my recently configured FTP Server.
C:\>ftp
ftp> o 192.168.0.98
Connected to 192.168.0.98.
220 Microsoft FTP Service
User (192.168.0.98:(none)): client1
331 Password required for client1.
Password:
230 User logged in.
ftp> dir
200 PORT command successful.
125 Data connection already open; Transfer starting.
06-06-12 07:37PM client1domain1.com
06-06-12 07:37PM client1domain2.com
226 Transfer complete.
ftp: 118 bytes received in 0.00Seconds 118000.00Kbytes/sec.
ftp> cd client1domain1.com
250 CWD command successful.
ftp> put
Local file c:\help.txt
Remote file
200 PORT command successful.
125 Data connection already open; Transfer starting.
226 Transfer complete.
ftp: 5866 bytes sent in 0.02Seconds 244.42Kbytes/sec.
ftp> recv
Remote file help.txtLocal file d:\help.txt
200 PORT command successful.
125 Data connection already open; Transfer starting.
226 Transfer complete.
ftp: 5866 bytes received in 0.00Seconds 5866000.00Kbytes/sec.
ftp> delehelp.txt
250 DELE command successful.
Checking FTP Server using FileZilla FTP Client
We can also check FTP Server by using GUI based FTP client likeFileZilla Client.Simply
download theFileZilla Clientand then install, after installation launchFileZilla.
1. Host: Enter IP address on which your FTP Server is listening on.
2. Username: Enter FTP Username e.g. client1
3. Password: Enter password for FTP User4. Port: Enter FTP Port default is 21.
5. Click Quickconnect button.
http://filezilla-project.org/http://filezilla-project.org/http://filezilla-project.org/http://filezilla-project.org/http://filezilla-project.org/http://filezilla-project.org/http://filezilla-project.org/http://filezilla-project.org/http://filezilla-project.org/http://filezilla-project.org/http://filezilla-project.org/http://filezilla-project.org/8/11/2019 Install FTP Server on IIS Windows Server
12/12
6. Once connected you can download/upload/delete contents simply drag and drop
functionalities.
So thats it for FTP Server for now. As far as more FTP Server settings are concerned I will beputting it under comments area of this article. Later we will see how to create website in IIS 7.5.
http://gopalthorve.com/wp-content/uploads/2012/06/setup-ftp-server-checking-ftp-server-filezilla-client.pngRecommended