Previous Page TOC Next Page Home


18

Running an FTP Server

Let's take a moment for a quick review of FTP. As you recall from Chapter 1, "Internet Technology Primer," the File Transfer Protocol governs file transfers between local and remote systems. When talking about FTP programs (and most things on the Internet), we must take care to distinguish between the client and the server. We talked about FTP clients in Chapter 7, "Webmaster's Guide to FTP and the Newsgroups." In this chapter, we'll talk about the other side of that equation by installing an FTP server. Note that the FTP client that comes with Windows 95 is a command-line version, but the CD with this book also includes a freeware FTP client with a Win32 GUI!

If you let your imagination wander a little, you can probably think of many useful scenarios for installing the FTP protocol on your Web site. Remote administration of your server might come to mind. For example, with FTP you could modify your Web pages when you are traveling and then upload the new files to your home directory—thus making them immediately available to the next browser that hits your site.

Another use for FTP is to make files on your server available for download by the public. Although this function can also be accomplished through the Web, some users may still prefer to download files via FTP. If you want users to upload files to your site, you'll need to run an FTP server, because this function isn't usually performed by Web browsers. This situation could change soon, however, thanks to another new invention from Netscape. They recently created an HTML extension that allows files to be uploaded on the Web. Only time will tell if this technique will become widely used.

Let's digress briefly and mention Archie again. Archie is a search utility that keeps a database of FTP servers and the files that each site has available. If you are planning to run an anonymous FTP site, you might consider having it cross-referenced by an Archie server. The Archie server would then be able to refer to your documents when the search string entered by the Archie client is contained within the name of one of your directories or files. We aren't going to discuss this topic further, except to say that a pretty cool Archie GUI client is included on the CD-ROM.

With that out of the way, let's get busy.

Installing the Serv-U FTP Server

The CD with this book includes two FTP servers for you to choose from: Secure FTP and Serv-U FTP. The Secure FTP server has an encryption feature that works in concert only with a secure FTP client. Although the Secure FTP product can also be used as a general-purpose FTP server, we have chosen to write this chapter toward the Serv-U FTP server simply because we only have the space to discuss one—and Serv-U is easy and extremely affordable (just $20). However, we do not wish to endorse one product over the other, and we encourage you to explore both of them and choose for yourself.

This section describes the steps to install the Serv-U FTP Server for Windows 95. This program is simple to install:

  1. Use WinZip to unzip the file servu11i.zip directly from the CD-ROM to the directory on your hard drive where you will install Serv-U.

  2. Execute serv-u.exe. If you would like to make it a quick-access icon on your Windows 95 desktop, right-click the exe file in Explorer and drag it to the desktop. Then choose Create Shortcut(s) Here.

FTP Security

If your Web site provides a hosting service for other home pages, you might want to arrange it so that those people can write their own HTML pages and manage them through FTP access. As it turns out, Serv-U includes directory-level security which will help ensure that your users are restricted from remotely wandering all over your hard drive. Serv-U allows you to set up an account for people who log into your server. These accounts will ensure that the user, once logged in, is placed in the proper directory and cannot stray to a directory higher up the tree. Not only can you restrict accounts to a particular directory tree, you can restrict the users ability to read, write, and delete files. There are many ways to set this up. What we show you here is only one example of how to use the FTP security system.

Creating the FTP User Group

Here are the steps to create a user group that will allow its members to have the minimum file system privileges necessary for typical FTP usage:

  1. Run the Serv-U FTP server.

  2. From the menu, select Setup | Groups.

  3. In the dialog box, choose Edit.

  4. In the Group Name field type htmlmgr. See Figure 18.1.

    Figure 18.1. Creating an FTP user group.

  5. In the home directory window, enter the path to your HTML document root directory as you specified in Chapter 8, "Putting Your Windows 95 Web Server Online."

  6. Choose Add and enter the path to your HTML document root.

  7. Select the Read checkbox.

  8. Choose OK.

Managing the User Accounts

Here are the steps to create a sample account with additional directory privileges for a user named John. This is a very important step in a good FTP security policy.

  1. If it is not already running, run Serv-U FTP server.

  2. From the menu, select Setup | Users and then choose the Edit button.

  3. In the dialog that appears, enter the string John (for example) in both the User name and Password text boxes. See Figure 18.2.

    Figure 18.2. Creating an FTP user account with custom privileges.

  4. In the Group Name text box, type htmlmgr.

  5. In the Home directory text box, enter the path to the user's HTML document root. This will be the user's initial directory.

  6. Choose Add.

  7. In the Path name dialog box that appears, enter the path to the user's HTML document root. This creates a list of directories in which the user is able to browse with selected privileges. See Figure 18.3.

  8. Choose OK.

  9. Select the Read, Write, and Delete checkboxes.

  10. Choose OK.


Figure 18.3. Adding a specific browse directory to a user account.

The Outcome

You now have an account setup for John. When John logs in, he will be placed in his own directory. While in his own directory John, can read, write, and delete files.

Fine-Tuning the FTP Server

The sections that follow discuss several additional features of the Serv-U FTP server that you will want to consider.

Limiting the Number of Simultaneous FTP Visitors

If you have popular files that a lot of people want to download, FTP could become a resource hog at your Web site. When several file transfers are in progress at once, a substantial portion of your CPU, disk I/O activity, and modem bandwidth will be eaten. You can follow the steps below to configure Windows 95 to limit the number of simultaneous FTP visitors to your site. This won't prevent other users from simultaneously downloading files via your Web page (assuming you provide that capability by including <A HREF> tags in your HTML code), but it will help preserve resources for your Web server and any other applications you choose to run.

HTTP can be more efficient at downloads than FTP because many Web servers open additional channels and create separate threads during the transfer of large files. This doesn't change the fact that you can't limit the number of simultaneous HTTP downloads that could be in progress at your site. You can only limit the number of simultaneous FTP users.

  1. From the Serv-U main window, select Setup | FTP-Server.

  2. Set the Max number Of users value to an integer between 0 and 99. An empty value allows an unrestricted number of simultaneous FTP users—up to 256 (limited only by available resources). A value between 1 and 99 will limit the number of simultaneous FTP users to the given value. See Figure 18.4.


Figure 18.4. Setting the maximum number of FTP user sessions to 16.

Hello and Good-bye

After you've logged onto your FTP server a few times, you'll probably decide that you would like to see messages other than the standard "Welcome" and "Good-bye." Making these changes is easy with Serv-U FTP.

  1. From the Serv-U FTP main window, select Setup | Signon/off.

  2. Enter your Sign on and Sign off messages in the dialog box that appears. See Figure 18.5 for one example of how to do this.


Figure 18.5. Customizing the Sign-on and Sign-off messages in Serv-U.

Restricting Access

Serv-U FTP enables you to restrict FTP access by IP address. You can permit or deny FTP access based on specific IP addresses or by IP address range. Just follow these steps to set up your own access rules.

  1. From the Serv-U FTP main menu, select Setup | IP-Access.

  2. In the dialog box that appears, enter the IP address or range that you desire to allow or deny.

  3. Check the Allow or Deny radio button as appropriate for the IP address you just entered in the previous step. See Figure 18.6 for an example.

  4. Choose Add.

  5. Choose OK.


Figure 18.6. Granting FTP access to any 200.36.40.* class C IP address.

Security based solely on IP addresses is weak. Anyone capable of IP spoofing can walk right past this method of exclusion. See Chapter 20 for more information about spoofing and other security risks.

What's Next

The next chapter will show you how to continue expanding the services that your Web site provides by adding database functionality. Databases are key to many business operations and not surprisingly, there are many ways in which the Web can be involved. We'll discuss WAIS and Cold Fusion.

Previous Page TOC Next Page Home