Solved

FTP - Disallow Downloads & allow uploads

Posted on 2003-11-14
3
423 Views
Last Modified: 2010-04-22
Hi,

Due to Internal reasons, I would like to do the following.

For some users, disallow download of files from FTP server, allow only of upload of files.

Currently running red hat linux 7.2, with pure-ftp installed. However, if there is any FTP server that allows the above to be done, will note be a problem to switch over. Please help!.

Thanks a lot.
0
Comment
Question by:jo495
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 24

Assisted Solution

by:shivsa
shivsa earned 125 total points
ID: 9768685
The following snippet from a sample configuration file illustrates how to protect an "upload" directory in such a fashion (which is a very good idea if you don"t want people using your site for "warez"):



--------------------------------------------------------------------------------

<Anonymous /home/ftp>
  # All files uploaded are set to username.usergroup ownership
  User username
  Group usergroup
  UserAlias ftp username
  AuthAliasOnly on
  RequireValidShell off

  <Directory pub/incoming/>
     <Limit STOR CWD>
        AllowAll
     </Limit>
     <Limit READ RMD DELE MKD>
        DenyAll
     </Limit>
  </Directory>
</Anonymous>


--------------------------------------------------------------------------------


This denies all write operations to the anonymous root directory and sub-directories, except "incoming/" where the permissions are reversed and the client can store but not read. If you used <Limit WRITE> instead of <Limit STOR> on <Directory incoming>, ftp clients would be allowed to perform all write operations to the sub-dir, including deleting, renaming and creating directories.

for more info,
http://proftpd.org/docs/faq/proftpdfaq-5.html#ss5.3
0
 
LVL 24

Expert Comment

by:shivsa
ID: 9768706
sorry above post was valid for proftp.
this is for pureftp.

 '-K': Allow users to resume and upload files, but *NOT* to delete or rename
them. Directories can be removed, but only if they are empty. However,
overwriting existing files is still allowed (to support upload resume) . If
you want to disable this too, add -r (--autorename) .

http://www.pureftpd.org/README
0
 
LVL 1

Accepted Solution

by:
MKrauss earned 125 total points
ID: 9886869
you should switch to vsftpd (http://vsftpd.beasts.org/) which is the most secure
ftp at the moment, with vsftp you can set/chown the anon owner plus the umask, with
this you can do configure for anon uploads and no downloads - per directory - and much
more like anon bandwith limitation. if you need a config sample then pls comment back.
MK
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

​Being a Managed Services Provider (MSP) has presented you  with challenges in the past— and by meeting those challenges you’ve reaped the rewards of success.  In 2014, challenges and rewards remain; but as the Internet and business environment evol…
BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question