How to Set Up WebDAV and MySQL Authentication using Apache2

FTP is deprecated. It was designed back in the days when the Internet consisted of only a few computers. It’s not firewall friendly (there are some hacks to get it through today’s firewalls though) and should not be used any longer, especially because the standard FTP protocol sends your password in clear text across the net.

So, any alternatives? YES! There are at least WebDAV and SFTP (not to be confused with FTPS). I’m using WebDAV because it’s easier to authenticate my users’ accounts against a MySQL table. WebDAV is an extension to the HTTP protocol, so all you need is a web server that is reachable by your users. I am using Debian for all examples, so don’t forget to replace any Debian-specific commands with the appropriate ones for your distro.

O.K., first of all I created a database containing a table with a structure like username(text), password(text). Use MySQL’s ENCRYPT() to hash your passwords rather than storing them in plain text. Mine looks like:

+-------------+------+------+-----+---------+-------+
| Field       | Type | Null | Key | Default | Extra |
+-------------+------+------+-----+---------+-------+
| name        | text | NO   |     | NULL    |       |
| username    | text | NO   |     | NULL    |       |
| password    | text | NO   |     | NULL    |       |
| description | text | NO   |     | NULL    |       |
+-------------+------+------+-----+---------+-------+
Make sure you have a MySQL user with enough rights to read this table from your web server.

Next step is to enable WebDAV and DBD and restart apache2.

$ sudo a2enmod dav dav_fs dbd authn_dbd
$ sudo invoke-rc.d apache2 force-reload
That’s almost it! All you need to do now is configure the MySQL connection somewhere in your httpd.conf, enable WebDAV and make sure apache2 has enough rights on the directory you want to serve over WebDAV. This is how I did it on my web server. (If you’re also on Debian you can just add this to your /etc/apache2/sites-available/default.)
<VirtualHost *:80>
[...]
# mod_dbd connection used by mod_authn_dbd for the password lookup
DBDriver mysql
DBDParams "host=mysqlhost.example.org dbname=network user=www-ext pass=123456"
DBDPersist Off
[...]
Alias /restricted /var/www/restricted-webdav
<Directory /var/www/restricted-webdav>
     DAV On
     AuthType Basic
     AuthName "Restricted"
     AuthBasicProvider dbd
     # Must return the stored password hash for the given user name
     AuthDBDUserPWQuery "SELECT password FROM webdav WHERE username=%s"
     Require valid-user
     Options Indexes MultiViews FollowSymLinks
     AllowOverride none
</Directory>
[...]
</VirtualHost>
Now reload apache2 so the new configuration takes effect:
$ sudo invoke-rc.d apache2 reload
You can try cadaver:
$ cadaver https://www.chrisk.de/restricted
Authentication required for Restricted on server `www.chrisk.de':
Username: example
Password:
dav:/restricted/> ls
Listing collection `/restricted/': collection is empty.
dav:/restricted/> put Downloads/yet-another-photoblog.1.9.13.zip
Uploading Downloads/yet-another-photoblog.1.9.13.zip to `/restricted/yet-another-photoblog.1.9.13.zip':
Progress: [=============================>] 100.0% of 937488 bytes succeeded.
dav:/restricted/> ls
Listing collection `/restricted/': succeeded.
yet-another-photoblog.1.9.13.zip     937488  Nov 14 22:13
dav:/restricted/>
You can even “mount” these WebDAV drives in MacOS, Windows XP, Vista and most UNIX desktop environments. (Vista has some issues with WebDAV.) That’s it. But you should consider switching to HTTPS for a more secure file exchange: with Basic authentication over plain HTTP, the password crosses the net just as unprotected as it does with FTP.
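
The HTTPS switch suggested above, as an added example that is not part of the original post: the same WebDAV block moved into a TLS virtual host, while port 80 only redirects. ServerName and the certificate paths are placeholders (assumptions); the DBD and Directory settings are copied from the configuration shown earlier.

```apache
# Added example, not from the original post.
# Needs mod_ssl in addition to the modules enabled earlier:
#   sudo a2enmod ssl

# Plain HTTP: never serve the protected area here, only redirect,
# so clients are not asked for Basic credentials over an unencrypted link.
<VirtualHost *:80>
    # Placeholder host name
    ServerName www.example.org
    Redirect permanent /restricted https://www.example.org/restricted
</VirtualHost>

<VirtualHost *:443>
    # Placeholder host name and certificate paths
    ServerName www.example.org
    SSLEngine on
    SSLCertificateFile    /path/to/server.crt
    SSLCertificateKeyFile /path/to/server.key

    # Same DBD settings as in the port-80 example. This file contains the
    # database password, so keep it readable by root only.
    DBDriver mysql
    DBDParams "host=mysqlhost.example.org dbname=network user=www-ext pass=123456"
    DBDPersist Off

    Alias /restricted /var/www/restricted-webdav
    <Directory /var/www/restricted-webdav>
        DAV On
        # Refuse any request for this directory that did not arrive over TLS,
        # even if the block is later copied into a non-SSL virtual host.
        SSLRequireSSL
        AuthType Basic
        AuthName "Restricted"
        AuthBasicProvider dbd
        AuthDBDUserPWQuery "SELECT password FROM webdav WHERE username=%s"
        Require valid-user
        Options Indexes MultiViews FollowSymLinks
        AllowOverride none
    </Directory>
</VirtualHost>
```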