FileZilla FTP Server Tutorial Part 1


Uploaded by WhefXLR on 24.07.2009

Transcript:
Okay, so, this is my FileZilla FTP tutorial.
First, you're going to want to go to Google and Google FileZilla Server download.
It's important to get the server, and not the client.
The server is for hosting, and the client is for connecting.
Once you have that downloaded, you're going to want to run it and install.
Keep in mind that I wouldn't keep a desktop icon; it's pretty useless.
Just leave this administrator port the same, and leave it to start the server as a service.
It's the best idea because that's the actual file hosting server so if it is on manual then you'll have to start it every time you log on.
This I would set to manual because this is like the server GUI interface thing where you can edit settings and you don't really need to edit it every time you start up.
Okay, now once you're to this screen just press OK, we'll get more into that later.
Okay, now once you're to this screen just press OK, we'll get more into that later.
Now go to Edit -> Settings -> Administrator Settings.
You're going to want to set a password, anything you want, and this will be used on that first box to log in.
Here is a welcome message, you can edit that however you like it. It displays when somebody logs on to your FTP server.
We'll get back to more of that stuff later.
Okay, so now, go to Edit -> Groups. And this is just for the tutorial, but I'm giong to make a group for just me and my friends.
And under shared folders you can add whatever folders you want to share.
In this case I want to share my movies with all of my friends.
And just leave those the same. So like list and subdirs that's so they can see what folders and files are being shared. Read is so they can read it, write is so they can write files, etc.
Also, I forgot to mention this earlier. I have these FTP folders. You're going to want to create an empty one and if you're planing for anonymous access later you're going to want a public folder, and "dropboxes" where my friends can upload their files.
So, I'm going to add the empty folder and set that as the home directory.
This is important, as the tutorial goes on I think you'll see how this works more clearly.
Okay so now go to Edit -> Users. First I'm just going to add myself as an administrator as a part of the FTP group.
You have to set a password, that's VERY important.
You don't want anyone hi-jacking your FTP server. You can change any of the other settings.
So now I'm going to add my friend. I'm going to make him a part of the group and give him a password as well, whatever he wants it to be.
Now we're going to go back into that FTP directory (with all the folders) and add the dropbox folder so he can upload whatever he likes to there, and quickly give me files.
We're going to want to give him all the permissions to that folder.
Okay, so now we have to port forward. Since I'm currently connected directly to the modem I'm only behind Windows Firewall, this will be different if you're forwarding your modem.
But there are a number of ports you have to forward, like port 21 is the main one. We'll get more into those ports just a little bit later.
So now these are the ones I just showed you, the 3850. You're going to want to go to Settings, and for Passive Settings add the port range to whatever you like. It doesn't really matter.
But that's definitely a necessary step.
So, as you can see here in my Firewall port settings I have 3850 down to 3859. And you do have to forward all of those individually, and yes it is annoying.
Okay so now, I forgot to do this earlier, but when you're giving your users shared folders (as you can see it's there now) for the alias option you right click it, edit alias and say [forwardslash]"name appaering for folder." So for movies, I do /Movies.
And if you want to go directly to the movies then you do ftp://[your_ip]/Movies/ then that will bring you directly to it.
Okay so now, I would enable auto-ban in Edit -> Settings -> Autoban. It's so viruses try to break into your FTP - I've had that happen more than once.
So now we'll do the SSL/TLS security.
First, you're going to want to go to Generate Certificate. I do 2048 bits; none of the personal data has to be correct, it's just for generating the certificate file.
Just type a bunch of random stuff in here, it doesn't really matter.
Save it to somewhere.
This may take a second, and then it will say generated successfully.
You're going to want to give it a password. It doesn't really matter if you remember this, I haven't found a reason to ever use it.
Do not enable the second box, but do enable the third box.
Well, at least don't enable the second box if you're planning on using anonymous access that's unencrypted or if anybody is accessing the FTP that is unencrypted.
Also, you're going to have to forward this port that we saw there. Port 990. I'm not sure if it's TCP or UDP, but when in doubt forward both of them; that's my theory, anyways.
So, now we just to Groups and made the entire group have force SSL, the encryption on, so everybody has to use encryption. However you can also make it for individual users.
So now let's go to my FTP and check out the encryption.
I have to refresh...
Then you'll see you get 530 SSL Required.
Okay, now this is going to be common, it always happens. So now you're going to have to get an FTP client or addon for Firefox like FireFTP, which I just enabled.
To be able to have it support encryption.
Okay so now I'll show you how to do this via FireFTP.
Go to Create a User. This doesn't really matter, category doesn't really matter.
However, this section has to be the main FTP link. So, ftp://[your_ip]/. Login is your username, and then your password for that.
And then under this I do Auth TLS (Best).
Okay, oh whoops, I forgot I already have an account under this username. There.
So this is just for the tutorial.
Okay now we're going to press connect. This message will appear warning you about the certificate not being recognized
This is expected because we generated our own certificate instead of buying one, which is like $6.00 a year or something.
So you're going to have to add an exception - keep in mind they can see everything you generated the certificate with.