HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=16)
-   -   FTP access denied with DMZ (http://www.howtoforge.com/forums/showthread.php?t=25415)

fycserv 24th July 2008 09:36

FTP access denied with DMZ
 
Hi,

I have server (Fedora 7) with IspConfig installed and running. Everything works pretty well except the ftp access for the sites. The ftp web based is working perfect.

Time ago I setup the same system and the FTP worked fine. The only one difference between my old system and the newone is the use of a DMZ configured in the router. In my first setup I had a cable with a public address directly connected to the server. Now I had a DMZ that relates a public address with a local address which points to the server. Probably that is the origin of the problem.

As a consequence, I have to give shell access and update the sites using SFTP but, with shell access and administrative permissions, an User can go up into the path /var/www/web_n and see the content of other sites.

If there any possibility of get back on the normal FTP system and avoid the use of the SFTP with shell access ?

Thanks a lot.

till 24th July 2008 09:42

In the file proftpd.conf, please try to comment out the proftpd_ispconfig.conf file include line and restart proftpd.

fycserv 24th July 2008 19:24

Thanks Till,

Before I posted the questions I took a look for a solution to my problem. I think I saw this asnwer before and in tha threat, the guy ask you "Why this solves the problem". I also remeber that there is some functionality that is lost by doing what you suggest.

I'll test if my clients have ftp service indepedently one from the other after I do what you mentioned. But I would like to know if the DMZ has something to be in this problem.

falko 25th July 2008 12:06

Quote:

Originally Posted by fycserv (Post 137600)
I also remeber that there is some functionality that is lost by doing what you suggest.

This only affects anonymous FTP, nothing else.

fycserv 27th July 2008 21:46

Thanks to Falko and Till, Great support !


All times are GMT +2. The time now is 20:56.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.