Server Enable FTP
- Operating system: Windows
- Server Image: Windows Server 2022 Datacenter Edition (Simplified Chinese) 64-bit
I. New users and folders
Step 1: Create a new user
-
Open Computer Management。
- show (a ticket)"System Tools"hit the nail on the head"Local users and groups"Right-click and select"New group"。
- right click and select"New Users", set a username and password, and select"Passwords never expire."。
- Double-click the newly created user in the"Affiliated."Add a column to the user group you just created”FTP Users“。
Step 2: Create a new folder
- Create a new folder as the FTP root folder.
- Right-click on the newly created”FTPShare“folder, select Properties, open the Security section, click Edit, and then click Add.
- Enter the user group you created earlier”FTP Users“, tap OK and then tap Apply.
- A successful addition will result in an additional user group.
Configuring the FTP site
Step 1: Install the FTP Server Role
- Open Server Manager: Click the Server Manager icon on the taskbar.
- Click on the upper right corner of the"Management"Selection"Add roles and functions"。
- In the Add Roles and Features Wizard, click the"Next."You can use the "Roles" page until you reach the "Roles" page.
- tick"Web server (IIS)" as well asFTP server related functions, make sure that the following two are installed:
- FTP service
- FTP Extension
- Continue to click "Next" and then click the "Install" button and wait for the installation to complete.
Step 2: Configure the FTP site
- show (a ticket)IIS Manager(You can search for "IIS Manager" in the Start Menu).
- In the Connections pane on the left, expand the server name, right-click the"Site"Selection"Add FTP site"。
- In the Add FTP Site wizard:
- Site name: Enter a descriptive name, such as "FTP Site".
- physical path: Select the folder to be used as the FTP root directory.
4. Click Next.
Step 3: Binding and SSL Settings
- On the Bindings and SSL Settings screen:
- IP address: Select "All unallocated".
- ports: The default is 21 and can be left unchanged.
- SSL Settings: Select "No SSL required" (it is recommended to configure SSL when accessing the public network, you can choose not to require SSL when configuring for the first time, but you can configure it at a later stage).
2. Click "Next".
In the binding and SSL settings when configuring an FTP site, you should choose the IP address for binding based on the actual network environment of the server. The following are suggestions for three choices:
- All Unassigned:
- Selecting "All Unassigned" is a common choice if your server has only one public IP address and there is nothing else that requires special configuration.
- This configuration will allow the server to listen to all available IP addresses (both private and public IPs), thus accommodating a wider range of access scenarios.
- Private IP address of the server:
- If your server is located on an intranet and accesses the public network through a NAT forwarding port (for example, through a router or firewall device), you can select a private IP address.
- In this case, you need to set up a port forwarding rule on your router or firewall to forward port 21 requests from the public IP to the server's private IP.
- Public IP address of the server:
- If the server is directly exposed to the Internet and has a fixed public IP address, it is recommended that you select the public IP of the server when binding.
- This configuration makes it more accurate for clients to access the public IP address directly and avoids other unnecessary network traffic interference.
Step 4: Authentication and authorization
- On the Authentication and Authorization screen:
- authentication: Enable "basic" authentication.
-
authorizations: Select "Specify Role or User Group", fill in the previously created user group "FTP Users", and grant it "Read" or "Read/Write" privileges. /write" permission.
- Click Finish to complete the FTP site settings.
Step 5: Configure Windows Firewall
- show (a ticket)Windows Defender FirewallClick"Advanced Settings"。
- In the left menu, click"Rules of Entry"and then click on the right side of the"New Rule"。
- In the Rule Wizard, select"Ports."Then click Next.
- option“TCP” and in "Specific Local Port" enter
21
Then click Next. - Allow the connection and click Next.
- Select the applicable profile (Domain, Private, Public) and click Next.
- Enter a descriptive name, such as "FTP Port 21 Rule" and click Finish.
- The result after configuration is as follows.
Step 6: Passive Mode Port Range Configuration
- show (a ticket)IIS Manager。
- In the left pane, click on the server name and select the"FTP Firewall Support"。
- In the right edit window, configure theData Channel Port Range(e.g., 1024-65535).
- set up"External IP address of the firewall."The IP address of the server is also known as the public IP address of the server.
- strike (on the keyboard)"Applications" Save the settings.
- Then, open a range of these ports in the firewall (as done in step 5 above) to allow these ports to be used for passive FTP connections. The result after setting up is as follows.
Step 7: Add a new rule to the server's security group
- Open the security group of Elastic Cloud Hosting, click Add Rule, and add the bottom two rules.
Other Precautions
- Ensure that the server is properly configured with a public IP address and is accessible through an external network.
- If there is a router or firewall device between the server and the client, ensure that the appropriate port forwarding (Port 21 and Passive Port Range) has been correctly configured.
- Ensure that the server's security group has addedPort 21 and Passive Port RangeThe rules.
III. Testing
Test FTP connection via public IP
- On your local computer, open an FTP client (for example, FileZilla or Xftp or Windows Explorer).
- Connect to the FTP server and enter the following information:
- server address: The public IP address of the server.
- user ID: The user name you are authorized to use in the FTP site.
- cryptographic: The user's password.
- Once connected, you should be able to see the contents of the FTP folder on the server.