Enable FTP for EasyEngine Website
To Enable FTP for EasyEngine web sites, we need to install pure-ftpd. On Ubuntu/Debian, run
apt install -y pure-ftpd
Enable virtial FTP users
ln -s /etc/pure-ftpd/conf/PureDB /etc/pure-ftpd/auth/PureDB touch /etc/pure-ftpd/pureftpd.pdb
In EasyEngine, we sites files are owned by www-data user, this user have a UID of 33. By default pure-ftpd won’t allow this. To enable users with UD 33 to login, run
echo 1 > /etc/pure-ftpd/conf/MinUID
Now lets create FTP user for a web site running in EasyEngine.
pure-pw useradd FTP_USER_HERE -u www-data -g www-data -d /opt/easyengine/sites/DOMAIN_NAME_HERE/app/
In above command replace
FTP_USER_HERE = FTP user for the web site, this can be any name, no space
DOMAIN_NAME_HERE = the domain name of the web site that is hosted in EasyEngine, that you need FTP access.
When you run above command, you will be asked to select password for the FTP user, this can be used to login to FTP server.
Before you can login to FTP server with newly created virtual FTP user, you need to run
pure-pw mkdb systemctl restart pure-ftpd
Change FTP Password
If you want to change FTP user for a user, you can run
pure-pw passwd FTP_USER_HERE pure-pw mkdb systemctl restart pure-ftpd
Passive FTP Configuration
Many cloud hosting providers like AWS, Google Cloud, Oracle Cloud, AliCloud servers use NAT networking. That is your VM have private IP and your public IP is routed to your VM. In such case, you need to enable Passive FTP, for this run
echo "30000 50000" > /etc/pure-ftpd/conf/PassivePortRange echo "YOUR_PUBLIC_IP" > /etc/pure-ftpd/conf/ForcePassiveIP
YOUR_PUBLIC_IP = replace this with your public IP address.
Restart pure-ftpd
systemctl restart pure-ftpd
Firewall configuration
For Passive FTP, you need to open following ports in your firewall
tcp 21 tcp 30000:50000
On Oracle Cloud server, i edited file
vi /etc/iptables/rules.v4
Find
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
Replace with
-A INPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 30000:50000 -j ACCEPT
Now restore firewall rules with
iptables-restore < /etc/iptables/rules.v4
Now FTP will work.
See EasyEngine