Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

FTP - Disallow Downloads & allow uploads

Posted on 2003-11-14
3
Medium Priority
?
428 Views
Last Modified: 2010-04-22
Hi,

Due to Internal reasons, I would like to do the following.

For some users, disallow download of files from FTP server, allow only of upload of files.

Currently running red hat linux 7.2, with pure-ftp installed. However, if there is any FTP server that allows the above to be done, will note be a problem to switch over. Please help!.

Thanks a lot.
0
Comment
Question by:jo495
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 24

Assisted Solution

by:shivsa
shivsa earned 250 total points
ID: 9768685
The following snippet from a sample configuration file illustrates how to protect an "upload" directory in such a fashion (which is a very good idea if you don"t want people using your site for "warez"):



--------------------------------------------------------------------------------

<Anonymous /home/ftp>
  # All files uploaded are set to username.usergroup ownership
  User username
  Group usergroup
  UserAlias ftp username
  AuthAliasOnly on
  RequireValidShell off

  <Directory pub/incoming/>
     <Limit STOR CWD>
        AllowAll
     </Limit>
     <Limit READ RMD DELE MKD>
        DenyAll
     </Limit>
  </Directory>
</Anonymous>


--------------------------------------------------------------------------------


This denies all write operations to the anonymous root directory and sub-directories, except "incoming/" where the permissions are reversed and the client can store but not read. If you used <Limit WRITE> instead of <Limit STOR> on <Directory incoming>, ftp clients would be allowed to perform all write operations to the sub-dir, including deleting, renaming and creating directories.

for more info,
http://proftpd.org/docs/faq/proftpdfaq-5.html#ss5.3
0
 
LVL 24

Expert Comment

by:shivsa
ID: 9768706
sorry above post was valid for proftp.
this is for pureftp.

 '-K': Allow users to resume and upload files, but *NOT* to delete or rename
them. Directories can be removed, but only if they are empty. However,
overwriting existing files is still allowed (to support upload resume) . If
you want to disable this too, add -r (--autorename) .

http://www.pureftpd.org/README
0
 
LVL 1

Accepted Solution

by:
MKrauss earned 250 total points
ID: 9886869
you should switch to vsftpd (http://vsftpd.beasts.org/) which is the most secure
ftp at the moment, with vsftp you can set/chown the anon owner plus the umask, with
this you can do configure for anon uploads and no downloads - per directory - and much
more like anon bandwith limitation. if you need a config sample then pls comment back.
MK
0

Featured Post

Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

​Being a Managed Services Provider (MSP) has presented you  with challenges in the past— and by meeting those challenges you’ve reaped the rewards of success.  In 2014, challenges and rewards remain; but as the Internet and business environment evol…
Hello EE, Today we will learn how to send all your network traffic through Tor which is useful to get around censorship and being tracked all together to a certain degree. This article assumes you will be using Linux, have a minimal knowledge of …
In response to a need for security and privacy, and to continue fostering an environment members can turn to for support, solutions, and education, Experts Exchange has created anonymous question capabilities. This new feature is available to our Pr…
This lesson discusses how to use a Mainform + Subforms in Microsoft Access to find and enter data for payments on orders. The sample data comes from a custom shop that builds and sells movable storage structures that are delivered to your property. …

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question