Configure FTP Server On Windows 2003 Server


he following is a list of the steps you need to perform to configure and enable the built-in Windows 2003 server. Before you start, you need to make sure that you actually have the FTP server installed. Depending on what server role you selected during the Windows 2003 server install process, you may or may not have FTP installed.

To check if the FTP server is installed, in the Control Panel, go to Add/Remove programs -> Add/Remove Windows Components. Then make sure Application Server is checked. Click the Details button and make sure Internet Information Services (IIS) is checked. Clicked Details on this again and make sure File Transfer Protocol (FTP) Service is checked. If not, check all of these and click OK to install them.

To enable the FTP service, go to the start menu -> Administrative Tools -> Internet Information Services (IIS) Manager.

administratrive tools

Tree open your server in the Internet Information Services list. Here my server is called "DEDICATED". Then tree open FTP Sites and right-click Default FTP Site (Stopped). Click Properties from the context menu.

default ftp site stopped

On the dialog, choose the Security Accounts tab. Make sure to uncheck Allow anonymous connections. We don't want to allow anonymous access to the FTP server or we will have spammers, porn-servers, and who knows what else on here in a matter of days. We only want to allow authenticated user accounts to connect.

default ftp site properties

When you uncheck this box, you will see a dialog like this. Basically, this is just telling you that since you don't want to allow anonymous access, you will have to login with a UserName and Password. Since FTP is not a secure protocol, these credentials will be passed in clear text and there is a remote possibility that someone could see the credentials. In other words, this is saying, make sure that you don't use base windows accounts that you want to be secure. I recommend using a dummy ftp account that you change on a regular basis instead. Just click Yes on this dialog.

iis manager

On the Home Directory tab, set the path to where you want your FTP files to be placed. NOTE: By default the path is set to inetpub\ftproot. If you want to allow users to create directories and add files instead of just downloading, make sure the Write box is checked. Then click OK to apply all these changes.

home directory

Now we want to start our FTP service. Right-click the Default FTP Site (Stopped) in the tree view and select Start to run the FTP server.

start ftp service

Setting Up FTP Directories & Permissions

The previous tasks are all you need to do if you want to just put files in the mail FTP directory. But sometimes you want to set up specific directories for users that actually put the files in different directories than the default directory. The way you do this is to set up a "pointer" directory in your default inetpub\ftproot that will just be an empty folder (FTP Service requires this for a virtual directory). Here, I created a new folder in my default FTP root folder called "MyFtpFolderPointer".

create ftp virtual directory folder

Now, we create a folder where we actually want our files to be placed when they are uploaded/downloaded. So I put a folder in the C:\ drive and called it "MyNewFtpDirectory". This is the place where the FTP files will actually go and the folder we created in the previous step will point to this folder.

create folder to hold ftp files

Now go back to the Internet Information Services (IIS) Manager and right-click the Default FTP Site. Choose New -> Virtual Directory... to start the virtual directory wizard.

new virtual directory...

Click Next to start the wizard.

virtual directory creation wizard

Name your alias for this virtual directory the EXACT same name you named the Virtual Directory folder we created in the FTP root since this is the one we want to point to the C:\ drive folder. So here, we name our Virtual Directory "MyFtpFolderPointer". Click Next.

virtual directory alias

Now we tell this virtual directory what it's actual path should be. So point this path to the folder where you actually want the FTP files to go. It can be any path you want. Here we put the path to our folder on C:\MyNewFtpDirectory. Click Next.

ftp site content directory

If you want users to be able to both download and upload files to this FTP directory, check both the Read and Write boxes. Click Next.

virtual directory access permissions

Click Finish to complete the wizard and apply the virtual directory settings.

you have successfully completed the virtual directory creation wizard

There are a few other things you might need to:

  • Check your Firewall rules. By default, FTP used Port 21 so you will need make sure that your Windows Firewall (if that is what you are using) is configured to allow Port 21 for FTP.
  • Create a new user account that is for FTP only to be used to login to your FTP server.

10 Steps to a Secure FTP Server

0 comments:

Post a Comment