Ubuntu FTP Server虚拟主机

Configuring Virtual Hosts for Ubuntu FTP Server (vsftpd)

To set up virtual hosts on an Ubuntu FTP server using vsftpd (Very Secure FTP Daemon), follow these structured steps. Virtual hosting allows a single FTP server to serve multiple domains or users with isolated directories.

1. Install vsftpd

Update your package list and install vsftpd:

sudo apt update
sudo apt install vsftpd

2. Configure vsftpd

Edit the main configuration file (/etc/vsftpd.conf) to enable virtual hosting and basic security:

sudo nano /etc/vsftpd.conf

Make the following changes:

• Enable local user login: local_enable=YES
• Allow write operations: write_enable=YES
• Restrict users to their home directories (chroot): chroot_local_user=YES
• Permit chroot directory to be writable (avoids permission issues): allow_writeable_chroot=YES
• Enable virtual host support: Add virtual_use_local_privs=YES and user_sub_token=$USER
• Set dynamic local root for each user: local_root=/home/$USER
• Disable anonymous access (optional but recommended for security): anonymous_enable=NO

Save and exit the editor.

3. Create Virtual Host Directories

For each virtual host (e.g., user1, user2), create a dedicated directory and set ownership:

sudo mkdir -p /home/user1/ftp
sudo mkdir -p /home/user2/ftp
sudo chown user1:user1 /home/user1/ftp
sudo chown user2:user2 /home/user2/ftp
sudo chmod 755 /home/user1/ftp
sudo chmod 755 /home/user2/ftp

Replace user1, user2 with your desired usernames and adjust directory paths as needed.

4. Create System Users for Virtual Hosts

Each virtual host requires a system user to associate with its directory. Create users without shell access (for security):

sudo adduser user1 --shell /usr/sbin/nologin
sudo adduser user2 --shell /usr/sbin/nologin

Set strong passwords when prompted.

5. Restart vsftpd

Apply configuration changes by restarting the service:

sudo systemctl restart vsftpd

6. Configure Firewall

Allow FTP traffic (port 21) and passive mode ports (typically 40000–50000) using UFW:

sudo ufw allow 21/tcp
sudo ufw allow 40000:50000/tcp
sudo ufw reload

7. Test Virtual Hosts

Use an FTP client (e.g., FileZilla) to verify connectivity:

• Host: Your server’s IP address
• Username: user1 (or the virtual host username)
• Password: The password set for the user

You should be restricted to the corresponding directory (e.g., /home/user1/ftp). Repeat for each virtual host.

Key Notes

• Security: Always disable anonymous access (anonymous_enable=NO) in production. Use strong passwords and consider enabling SSL/TLS (FTPS) for encrypted connections.
• Passive Mode: Ensure passive mode ports are open in your firewall to avoid connection issues for clients behind NAT.
• Logs: Monitor /var/log/vsftpd.log for troubleshooting (e.g., login failures, permission errors).

By following these steps, you can successfully configure virtual hosts on an Ubuntu FTP server using vsftpd, providing isolated storage for multiple users or domains.

声明：本文内容由网友自发贡献，本站不承担相应法律责任。对本内容有异议或投诉，请联系2913721942#qq.com核实处理，我们将尽快回复您，谢谢合作！