First, install Nginx
- Close selinux and firewalld
setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=disabled/' /etc/selinux/config
systemctl disable firewalld
yum -y install ntpdate
ntpdate ntp1.aliyun.com
yum -y install pcre pcre-devel openssl openssl-devel gcc
useradd nginx -s /sbin/nologin -M
wget http://nginx.org/download/nginx-1.13.11.tar.gz
tar xf nginx-1.13.11.tar.gz
cd nginx-1.13.11
./configure --user=nginx --group=nginx --prefix=/opt/nginx --with-http_stub_status_module --with-http_ssl_module
make && make install
cd /opt/nginx/sbin/
ln -s /opt/nginx/sbin/* /usr/local/sbin/
- Modify the configuration file
cd /opt/nginx/conf/
mv nginx.conf nginx.conf_bak
cat <<EOF > /opt/nginx/conf/nginx.conf
user virtual;
worker_processes 2;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log logs/access.log main;
sendfile on;
tcp_nopush on;
keepalive_timeout 65;
autoindex on;
gzip on;
server {
listen 80;
server_name websftp.liveyu.com;
charset utf-8;
access_log logs/host.access.log main;
location / {
root /data/ftproot;
index index.html index.php index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
EOF
Second, install vsftpd
yum -y install vsftpd
mv /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf_bak
grep -v "#" /etc/vsftpd/vsftpd.conf_bak > /etc/vsftpd/vsftpd.conf
- Create a user database files for FTP authentication, in which the odd behavior of the account name, password even-behavior
cd / etc / vsftpd /
# Create a user database files for FTP authentication, in which the odd behavior of the account name, password behavior even-
CAT << EOF> vuser.list
ADMIN
123
EOF
- Use db_load command with a hash (hash) algorithm converts the original plaintext files into database files
# Use db_load command algorithm to convert a hash (hash) of the original plaintext files into database files
db_load -T -t hash - f vuser.list vuser.db
File vuser.db
chmod 600 vuser.db
RM -f vuser.list
- Create a virtual ftp user
useradd -d /var/ftproot -s /sbin/nologin virtual
ls -ld /var/ftproot/
chmod -Rf 755 /var/ftproot/
yum -y install pam* db4*
vim /etc/pam.d/vsftpd.vu
auth required pam_userdb.so db=/etc/vsftpd/vuser
account required pam_userdb.so db=/etc/vsftpd/vuser
mkdir /etc/vsftpd/vusers_dir/
cd /etc/vsftpd/vusers_dir/
touch admin
vim admin # 有上传/下载/修改权限
anon_world_readable_only=NO # anonymous users can browse FTP directory and download files
write_enable = YES # Set write permissions can
anon_upload_enable = YES # Allow anonymous users to upload files
anon_mkdir_write_enable = YES # Allow anonymous users to create directories
anon_other_write_enable = YES # is open to other write anonymous users the rights (including rename, and delete permissions)
local_root = / Data / ftproot / # local user FTP root
CAT / etc / the vsftpd / the vsftpd.conf
anonymous_enable = NO # whether anonymous users are allowed
local_enable = YES # allow local users log in the FTP
guest_enable = YES # open virtual user mode
guest_username =Virtual # specify the virtual user account
allow_writeable_chroot = YES # allowed to write the FTP root on the implementation of detention, and do not refuse to log the user's request
write_enable = YES # Set writable permissions
local_umask = 022 # anonymous users to upload files umask value
dirmessage_enable = # YES
xferlog_enable = YES
connect_from_port_20 = YES
xferlog_std_format = YES
the listen = NO # whether to run in a manner independent of the monitoring service
listen_ipv6 = YES
pam_service_name = vsftpd.vu # specified PAM files
userlist_enable= YES # open the user role feature list file
tcp_wrappers = YES
user_config_dir = / etc / vsftpd / vusers_dir
systemctl restart vsftpd
systemctl enable vsftpd