Build the FTP Service (Windows)

Last updated: 2020-02-25 12:21:09

PDF

Scenario

This document describes how to build a FTP site through IIS on Tencent Cloud server (CVM) of the Windows operating system.

Software Versions

The component version of the FTP service built in this paper is as follows:

  • Windows operating system, this paper takes Windows Server 2012 as an example.
  • IIS:Web server, this paper takes IIS 8.5 as an example.

Directions

Step 2: Purchase cloud virtual machine

Step 2: install the FTP service on IIS

  1. In the operating system interface, click To open Server Manager , as shown below:
  2. In the Server Manager window, click add roles and Features.
  3. In the pop-up add roles and Features Wizard window, click next to enter the Select installation Type interface.
  4. In the Select installation Type interface, select role-based or feature-based installation, and click next.
  5. In the Select Target Server interface, keep the default settings and click next.
  6. In the "Select a server role" interface, check [Web Server (IIS)], and click "add feature" in the pop-up window.
  7. Click next three times in a row to enter the Select role Service interface.
  8. In the "Select role Service" interface, check "FTP Service" and "FTP extension", and click "next".
  9. Click "install" to begin the installation of the FTP service.
  10. When the installation is complete, click [close].

Step 3: create a FTP username and password

Please follow these steps to configure the FTP user name and password. If you need to use the anonymous user Access FTP service, you can skip this step.

  1. In the Server Manager window, select tools > computer Management in the navigation bar in the upper right corner to open the computer Management window.
  2. In the computer Management interface, select [system tools] > [Local users and groups] > [users] in Left sidebar.
  3. In the right side of the user interface, right-click the blank space and select New user.
  4. In the New user interface, follow the prompts below to set the user name and password, and click create.
    The main parameters are as follows:
  • User name: custom, this article uses ftpuser As an example.
  • Password and confirmation password: custom, password must contain both uppercase and lowercase letters and numbers. In this paper, tf7295TFY As an example.
  • Uncheck [users must change their password the next time they log in] and check [password will never Expire].
    Please check it according to the actual demand. This article takes the password never Expire as an example.
  1. Click [close], and after closing the New user window, you can view the created ftpuser User.

Step 4: set up the shared folder Permission

You need to set up a shared folder for your FTP site, which is based on the C:\test A folder, for example, already contains files to be shared test.txt .

  1. In the operating system interface, click To open Server Manager , as shown below:
  2. Under disk C, select and right-click test Folder, select [Properties].
  3. In the test Properties window, select the Security tab.
  4. Select Everyone User and click [Edit]. as shown below:
    If it is not in the Group or user name Everyone , please refer to Add Everyone user To add.
  5. In the "Permission of test" interface, set on demand Everyone The user's Permission and click [OK]. as shown below:
    This article is intended to award Everyone User-owned Permission as an example.
  6. In the test Properties window, click OK to complete the settings.

Step 5: add a FTP site

  1. In the Server Manager window, select tools > Internet Information Services (IIS) Manager in the navigation bar in the upper right corner.
  2. In the Internet Information Sevices (IIS) Manager window that opens, click the server name of show more Left sidebar, then right-click [website], and select [add FTP site].
  3. In the site Information interface, refer to the following information to set up, and click next.
    • FTP site name Enter FTP site name, this article uses ftp As an example.
    • Physical path Please select the shared folder path that has been set for Permission. C:\test As an example.
  4. In the binding and SSL Settings interface, refer to the following information for settings, and click next.
    The main configuration parameter information is as follows:
    • Bind The IP address is selected as "all without Assign" by default, and the port is 21 by default (the default port number for FTP). You can also set the port by yourself.
    • SSL Please select as needed. This article takes [No SSL] as an example.
      • No SSL No SSL encryption is required
      • Allow SSL Allows the FTP server to support non-SSL and SSL connections to clients
    • Require SSL Requires SSL encryption to communicate between the FTP server and the client
      If you select [allow SSL] or [need SSL], you can select the existing SSL Certificates Service in "SSL Certificates Service", or refer to Server certificate making Step to make a SSL Certificates Service.
  5. In the Authentication and Authorization Information interface, refer to the following information to set up, and click next.
  • Identity Verification Select an authentication method. This article takes basic as an example.
    • Anonymous Allow any user Access to provide only anonymous or FTP user name content.
    • Basic Users are required to provide a valid user name and password to enable Access content. Because basic authentication transmits unencrypted passwords over the network, you use this authentication method only if you know that the connection between the client and the FTP server is secure (for example, by using secure socket layer SSL).
  • Authorize Select a method from the allow Access drop-down list to specify users ftpuser As an example.
    • All users All users, whether anonymous or identified, can Access this content.
    • Anonymous user Anonymous users can have Access content.
    • Specified role or user group Only members of certain roles or user groups can have Access content. Select this option to specify a role or user group.
    • Specified user Only specified users can have Access content. Select this option to specify a user name.
  • Permissions Set Permission as needed. This article takes setting [read] and [write] Permission as an example.
    • Read Allow authorized users to read content from Directory.
    • Write Allow authorized users to write to Directory.
  1. Click "finish" to create the FTP site successfully.

Step 6: set up security groups and firewalls

  1. After completing the construction of the FTP site, ask Open to Internet to add the inbound rules of the port when adding the FTP site, such as the inbound rule of port 21.
    If you choose a different port when adding a FTP site, you also need to add an inbound rule for pass this port in the firewall.
  2. (optional) referenc Microsoft official documentation Configure firewall support for the FTP site to enable the FTP server to accept passive connections from the firewall.

Step 7: test the FTP site

You can verify the FTP service through tools such as FTP client software, browser, or file explorer. This article takes the file explorer on the client side as an example.

  1. Please set up your IE browser according to your actual situation:
  • Configured FTP site firewall: open the client's IE browser, select [tools] > [Internet options] > [Advanced], uncheck [use passive FTP (for firewall and DSL modem compatibility)] and click "OK".
  • The FTP site firewall is not configured:
    1. Enable FTP server IE browser, select [tools] > [Internet options] > [Advanced], uncheck [use passive FTP (for firewall and DSL modem compatibility)] and click "OK".
    2. Enable Client IE browser, select [tools] > [Internet options] > [Advanced], check [use passive FTP (for firewall and DSL modem compatibility)] and click [OK].
  1. Open the client's computer and in the path bar, the address below Access.
ftp://CVM public network IP:21
  1. In the pop-up Login as window, enter Create FTP username and password The user name and password that have been set in the.
    The user name used in this article is ftpuser The password is tf7295TFY .
  2. After successfully logging in, you can upload and download files.

Appendix

Add Everyone user

  1. In the test Properties window, select the Security tab and click Edit.
  2. In the "Permission of test" interface, click [add].
  3. In the Select user or Group interface, click Advanced.
  4. In the pop-up Select user or Group interface, click find now.
  5. In the search results, select Everyone And click [OK].
  6. In the Select user or Group interface, click OK to add.
    Go to Step 5 Settings Everyone User permissions.

Server certificate making

  1. In the Server Manager window, select tools > Internet Information Services (IIS) Manager in the navigation bar in the upper right corner.
  2. In the pop-up Internet Information Services (IIS) Manager window, select the server in Left sidebar, and double-click Server Certificate in the right screen.
  3. Select [create self-signed Certificate] in the action bar on the right.
  4. In the pop-up create self-signed Certificate window, set the certificate name and storage class.
    This paper takes SSL Certificates Service who created the personal storage class as an example.
  5. Click "OK" to create it successfully.