100 likes | 715 Views
William A. Rowe, Jr. ASF Member, httpd and APR projects Sr. Software Engineer, Covalent Technologies. Apache HTTP mod_ftp. FTP Overview. File Transfer Protocol (FTP) is an efficient protocol for transferring files over a TCP/IP network
E N D
William A. Rowe, Jr.ASF Member, httpd and APR projectsSr. Software Engineer, Covalent Technologies Apache HTTP mod_ftp
FTP Overview • File Transfer Protocol (FTP) is an efficient protocol for transferring files over a TCP/IP network • Unlike HTTP, FTP is designed to handle binary files directly without encoding and decoding data • FTP session can be initiated over a command line, using graphical tools or via the Web Browser • Need to have a login account on the FTP server machine, or login as “anonymous” • Several FTP commands for manipulating files • STOR, DELE, LIST, RMD, MKD etc.
Lacks in enterprise integration, security and performance Need to have a parallel management infrastructure for serving FTP User administration Logging, log rotation Security Many do not support FTP restart Monolithic architecture, missing extensibility Shortcomings of traditional FTP
mod_ftp overview Fully RFC Compliant FTP implementation powered by Apache 2.0 (RFC: 959, 1123, 2228, 2389) • Leverages the new architecture of Apache 2, whereby content serving protocols are also modules now • Same instance of Apache can serve FTP, Secure FTP as well as HTTP and HTTPS. • Many FTP clients supported for SSL • CuteFTP, WSFTP Pro etc. • Supports FTP restart
mod_ftp Additional Features • FTP over SSL • Extensive authentication and authorization support • Dynamic content • Robust and known API • Allows for extensive expandability • Leverages Apache web server popularity • Extensible with module integration, mod_perl
FTP over SSL • mod_ftp leverages mod_ssl to encrypt traffic • Digital Certificates (X.509) • Explicit SSL • Server accepts both encrypted and unencrypted connections • Implicit SSL • Server accepts encrypted SSL connections only • User must connect using SSL, port 990 by default
Config Example ServerName ftphost.mydomain:21 ServerRoot /path/to/server/$(ServerName) ServerAdmin webmaster@ftphost.mydomain DocumentRoot "/path/to/server/$(ServerName)/ftpdocs" <Directory /> Options FollowSymLinks AllowOverride None </Directory> <Directory "/path/to/server/$(ServerName)/ftpdocs"> <Limit MKD RMD STOR DELE RNFR> Order deny,allow Deny from all </Limit> </Directory> LoadModule ftp_module /path/modules/mod_ftp.so LogFormat "%u [%a] %r" cmd_log LogFormat "%{%b %e %H:%M:%S %Y}t %T %a %B %U %M %F %d %W %u %S %Z %Y" trans_log
Config Example continued Listen 21 <VirtualHost _default_:21> DocumentRoot "/path/to/ftpdocs" FTP On ErrorLog logs/ftp_error_log CustomLog logs/ftp_command_log cmd_log CustomLog logs/ftp_transfer_log transfer_log env=do_trans_log <Directory "/path/to/ftpdocs"> <IfModule mod_authz_file.c> AuthType Basic AuthName "FTP Authentication" AuthUserFile "/path/to/ftp_userfile" Require valid-user </IfModule> </Directory> </VirtualHost>
Good References http://httpd.apache.org/dev/dist/ http://httpd.apache.org/modules/ http://wiki.apache.org/httpd/ http://en.wikipedia.org/wiki/Ftp_client
Contact and Followup http://people.apache.org/~wrowe/ wrowe@rowe-clan.net IRC help at irc.freenode.net #apache Peer help at users@httpd.apache.org