1. Determine whether VSFTPD is installed on the server
rpm -qa | grep vsftpd
2. Start the FTP service
systemctl start vsftpd.service
3. Check if the CentOS7 server has port 21 open
//在win7中发出如下命令,如果一直得到“ftp:connect:连接超时”,就说明21端口没有开启
ftp 远程ip (如:46.100.106.18)
// 开启21端口
firewall-cmd --zone=public --add-port=21/tcp --permanent
firewall-cmd --reload
4. Anonymous user login test
//安装好centos7之后存在一个匿名用户ftp,密码为空,这个用户是不安全,需要关闭
C:\Users\DHC>ftp 46.100.106.18
连接到 46.100.106.18。
220 (vsFTPd 3.0.2)
用户(192.168.31.117:(none)): ftp
331 Please specify the password.
密码:
230 Login successful.
ftp>
5. Turn off anonymous users
# 修改/etc/vsftpd/vsftpd.conf中如下内容
anonymous_enable=NO
# 重启FTP服务
systemctl restart vsftpd.service
C:\Users\DHC>ftp 46.100.106.18
连接到 46.100.106.18。
220 (vsFTPd 3.0.2)
用户(46.100.106.18:(none)): ftp
331 Please specify the password.
密码:
530 Login incorrect.
登录失败。
6. Create an ftp virtual hosting account
· Create a new user who cannot log in to the system. It is only used to log in to the ftp service
useradd ftpuser -s /sbin/nologin #创建一个没有登录界面的新用户
passwd ftpuser # 密码为dhc890dhc
C:\Users\DHC>ftp 46.100.106.18
连接到 46.100.106.18。
220 (vsFTPd 3.0.2)
用户(46.100.106.18:(none)): ftpuser
331 Please specify the password.
密码:
230 Login successful.
7. Modify selinux
· Check whether the upload is successful
C:\Users\DHC>ftp 46.100.106.18
连接到 46.100.106.18。
220 (vsFTPd 3.0.2)
用户(46.100.106.18:(none)): ftpuser
331 Please specify the password.
密码:
230 Login successful.
ftp> put d:\1.xlsx
200 PORT command successful. Consider using PASV.
553 Could not create file.
· Check status
getsebool -a | grep ftp
ftp_home_dir --> off
ftpd_anon_write --> off
ftpd_connect_all_unreserved --> off
ftpd_connect_db --> off
ftpd_full_access --> off
· Modify status
setsebool -P allow_ftpd_full_access on
setsebool -P ftp_home_dir on
systemctl restart vsftpd.service
· Upload again to be successful
ftp> put d:\1.xlsx
200 PORT command successful. Consider using PASV.
150 Ok to send data.
226 Transfer complete.
ftp: 发送 11443 字节,用时 0.00秒 5721.50千字节/秒。
8. Set VSFTPD to start on boot
chkconfig vsftpd on
2. Integration with nginx
1. Modify the configuration file of Nginx
server {
listen 80;
server_name 46.100.106.18;
location / {
root /home/ftpuser/www;
index index.html index.htm;
}
}
2. Create a www/images folder and upload images to the images folder
mkdir -p /home/ftpuser/www/images
// 通过filezilla上传图片即可
3. Change the owner and permissions of the folder
chown -R ftpuser:ftpuser /home/ftpuser
chmod 755 /home/ftpuser
4. Restart the Nginx service
/usr/local/nginx/sbin/nginx -s reload
5. Whether the test is successful
http://46.100.106.18/images/fxdl.jpg
...
...