Enable FTP for EasyEngine Website
To Enable FTP for EasyEngine web sites, we need to install pure-ftpd. On Ubuntu/Debian, run
1 |
apt install -y pure-ftpd |
Enable virtial FTP users
1 2 |
ln -s /etc/pure-ftpd/conf/PureDB /etc/pure-ftpd/auth/PureDB touch /etc/pure-ftpd/pureftpd.pdb |
In EasyEngine, we sites files are owned by www-data user, this user have a UID of 33. By default pure-ftpd won’t allow this. To enable users with UD 33 to login, run
1 |
echo 1 > /etc/pure-ftpd/conf/MinUID |
Now lets create FTP user for a web site running in EasyEngine.
1 |
pure-pw useradd FTP_USER_HERE -u www-data -g www-data -d /opt/easyengine/sites/DOMAIN_NAME_HERE/app/ |
In above command replace
FTP_USER_HERE = FTP user for the web site, this can be any name, no space
DOMAIN_NAME_HERE = the domain name of the web site that is hosted in EasyEngine, that you need FTP access.
When you run above command, you will be asked to select password for the FTP user, this can be used to login to FTP server.
Before you can login to FTP server with newly created virtual FTP user, you need to run
1 2 |
pure-pw mkdb systemctl restart pure-ftpd |
Change FTP Password
If you want to change FTP user for a user, you can run
1 2 3 |
pure-pw passwd FTP_USER_HERE pure-pw mkdb systemctl restart pure-ftpd |
Passive FTP Configuration
Many cloud hosting providers like AWS, Google Cloud, Oracle Cloud, AliCloud servers use NAT networking. That is your VM have private IP and your public IP is routed to your VM. In such case, you need to enable Passive FTP, for this run
1 2 |
echo "30000 50000" > /etc/pure-ftpd/conf/PassivePortRange echo "YOUR_PUBLIC_IP" > /etc/pure-ftpd/conf/ForcePassiveIP |
YOUR_PUBLIC_IP = replace this with your public IP address.
Restart pure-ftpd
1 |
systemctl restart pure-ftpd |
Firewall configuration
For Passive FTP, you need to open following ports in your firewall
1 2 |
tcp 21 tcp 30000:50000 |
On Oracle Cloud server, i edited file
1 |
vi /etc/iptables/rules.v4 |
Find
1 |
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT |
Replace with
1 2 3 |
-A INPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 30000:50000 -j ACCEPT |
Now restore firewall rules with
1 |
iptables-restore < /etc/iptables/rules.v4 |
Now FTP will work.
See EasyEngine