Difference between revisions of "FileZilla FTP Server"

From FileZilla Wiki
Jump to navigationJump to search
m (Reverted edit of Webfork, changed back to last version by CodeSquid)
Line 1: Line 1:
FileZilla Server is an FTP server that supports FTP and FTP over SSL/TLS. FTP over SSL/TLS provides secure encrypted connections to the server.
+
'''FileZilla Server''' is a simple and efficient file transfer protocol (FTP) server program for use in most versions of Windows (NT, 2000, and XP). It also supports compression, secure connections, and both speed and user limits.  Hardware requirements are extremely low, requiring only a Pentium-level machine, and taking up only 3.4 megs of system memory (the interface requires 6 megs but may be turned off when not in use).
  
FileZilla supports SSL, the same level of encryption supported by your web browser, to protect your data. When using SSL your data is encrypted so that prying eyes cannot see it, and your confidential information is protected. It also supports on-the-fly data compression, which can improve the transfer rates.
+
It is ''strongly recommended'' you have at least a DSL or Cable connection to run any FTP Server.
  
Among others, the features of FileZilla include the following:
+
=== Why an FTP server? ===
* Easy to use
+
 
* Multilingual (English, German, French, Japanese, just to name a few)
+
FTP Servers allow for remote file retrieval and management, downloading large files gradually, and often higher speeds than other software.  Improving over regular Windows Sharing, large numbers of files transferring do not cease when only one file will not copy (good for data backups).  FTP servers are enormously flexible and can be configured for remote file access, workgroups, and anonymous file distribution.
* Strong encryption support using SFTP over SSH and FTP over SSL/TLS
+
 
* Supports transfer resuming and files larger than 4 GB
+
Accessing almost any FTP server is extremely easy, as almost every computer built after around 1995 has an FTP client that can connect to it.
* Site Manager
+
 
* Queue support
+
=== Why use FileZilla's Server? ===
* Proxy support
+
 
* Speed limits
+
FileZilla Server is extremely easy to use, has many security features, and low ($0) price tag.  Donations are welcome but not required.  Also, the software's internals are available to anyone and are licensed with the same open source license used by Linux (the GPL).
* MODE Z transfer compressing
+
 
 +
=== Features ===
 +
 
 +
* Easy to use - similar in design to bulletproof FTP
 +
* Speed limits - prevents saturation of bandwidth
 +
* Compression - increase the speed of transfers via MODE Z on-the-fly compression
 +
* Encryption - keep important data confidential using the same technologies your web browser uses.  Known as FTP over SSL/TLS or FTPS.
 +
 
 +
[http://sourceforge.net/docman/display_doc.php?docid=24747&group_id=21558 FileZilla Server FAQ]
 +
 
 +
== Recommendations ==
 +
 
 +
'''Note of Caution:'''  Running a remote access server can invite outside interference.  It is recommended that users research this operation and understand the problems that can occur when you run any computer server that is accessible from the Internet.  Users not familiar with this process should restrict the server to only local connections (see below):
 +
 
 +
=== Restricting your server to local access ===
 +
 
 +
Most routers hide your FTP server from the outside world but this is another preventative step:
 +
 
 +
# From the menu, select "Server" -- "Settings".
 +
# Under "General settings", select "IP filter"
 +
# In the first box, type an asterisk "*" (no quotes)
 +
# In the second box, type your local address.  This should be "192.168.1.*" (no quotes) but different routers will use different numbers, usually "192.168.0.*" or "192.168.2.*".
 +
 
 +
=== Making your server remote-accessible ===
 +
 
 +
To connect to your home computer, you must enable an intermediary service.  Most DSL or cable customers are protected from the outside world by several barriers.  Talk to your provider about a static IP or look into services such as http://www.dyndns.org and http://www.no-ip.com (or [http://www.technopagan.org/dynamic/ other providers]).  Use a guide [http://www.no-ip.com/support/guides/other/using_cable_dsl_router.html like this] to help with setting up your DSL/Cable router.  Look for "The Demilitarized Zone" in your router documentation and put your server's IP there.
 +
 
 +
=== Restricting Administrative Access ===
 +
 
 +
Under the "Edit menu" select  "Settings" -- "admin interface settings," and look at the box labeled "select IP addresses which are allowed to interface."
 +
 
 +
Here, enter your local IP address, which will probably be "192.168.1.*" (do not include the quotes).  Some routers use "192.168.0.*" or "192.168.2.*".  Check your router documentation or open a Command Prompt window and type "IPCONFIG."  The asterisk is a wildcard that means any computer connected directly to your router can administer the server.
 +
 
 +
Alternately (or additionally for increased security), you may also add a password.  In the same window, check the "Change admin password" box and enter (and re-type in the next box) your password.  For security, it should be as long as possible, but is required to be above 6 characters.
 +
 
 +
=== Speed limits ===
 +
 
 +
Download and upload speed limits are important to prevent your server from overloading your Internet connection.  Under the options menu, under "speed limits," enter a constant speed limit that is below your maximum speed.  Many cable customers will have around 50k download speed limit, and 200k upload limit (realizing that sounds backwards).  In this case, you will wish to set a constant speed limit of around 30k download and 100k upload.  This should prevent your server from interfering with your regular Internet usage.
 +
 
 +
Individual user accounts may be set to bypass any speed limits which is useful for local connections on the same router, described under "Setting up users" below.  Additionally, under "Filetransfer compression," check the box next to "Exclude private IP address ranges", and enter the same "192.168.1.*" in the box below it.
 +
 
 +
=== Setting up encryption ===
 +
 
 +
Under SSL/TLS settings, check "Enable SSL/TSS support" box and click the "Generate new certificate" box at the bottom of the page.  The computer will ask where to place a certificate, and then generate one.  It is recommended to click the box next to "allow explicit SSL/TLS on normal connections."  This will allow the flexibility to have some users use encryption for secure transfers, while others may avoid using the extra processor speed and slower transfer rates.
 +
 
 +
=== Setting up users ===
 +
 
 +
User settings are fairly intuitive but here are some loose suggestions:
 +
 
 +
* '''Local Use''' - in order to keep connection speeds high between your server and local computers, it is important to turn off all compression, encryption, and speed limits.
 +
 
 +
* '''Remote Use''' - to best protect your data, encryption and compression should be used together.  To increase transfer speed, simply use compression.
 +
 
 +
* '''Untrusted Users''' - you may restrict access to specific folders, write permissions, the capability to delete data, and much more.  You may also require users to use encryption to prevent eavesdropping.
 +
 
 +
* '''Groups of users''' - if you are enabling your server for a large number of people, it helps to create a user group of default settings.  Usually, you should include a restriction on the total number of users and on the speed limit of individual connections.  This will prevent bottlenecking.
 +
 
 +
 
 +
=== Enterprise file servers ===
 +
 
 +
FileZilla Server is probably not suited for high security or large-scale operations.  It is not recommended for use with government or for transferring highly sensitive information.  As described in the license distributed with every copy of FileZilla or FileZilla Server, there is no warranty for this software.  It is however probably much more secure than Windows networking alone.

Revision as of 14:15, 23 December 2006

FileZilla Server is a simple and efficient file transfer protocol (FTP) server program for use in most versions of Windows (NT, 2000, and XP). It also supports compression, secure connections, and both speed and user limits. Hardware requirements are extremely low, requiring only a Pentium-level machine, and taking up only 3.4 megs of system memory (the interface requires 6 megs but may be turned off when not in use).

It is strongly recommended you have at least a DSL or Cable connection to run any FTP Server.

Why an FTP server?

FTP Servers allow for remote file retrieval and management, downloading large files gradually, and often higher speeds than other software. Improving over regular Windows Sharing, large numbers of files transferring do not cease when only one file will not copy (good for data backups). FTP servers are enormously flexible and can be configured for remote file access, workgroups, and anonymous file distribution.

Accessing almost any FTP server is extremely easy, as almost every computer built after around 1995 has an FTP client that can connect to it.

Why use FileZilla's Server?

FileZilla Server is extremely easy to use, has many security features, and low ($0) price tag. Donations are welcome but not required. Also, the software's internals are available to anyone and are licensed with the same open source license used by Linux (the GPL).

Features

  • Easy to use - similar in design to bulletproof FTP
  • Speed limits - prevents saturation of bandwidth
  • Compression - increase the speed of transfers via MODE Z on-the-fly compression
  • Encryption - keep important data confidential using the same technologies your web browser uses. Known as FTP over SSL/TLS or FTPS.

FileZilla Server FAQ

Recommendations

Note of Caution: Running a remote access server can invite outside interference. It is recommended that users research this operation and understand the problems that can occur when you run any computer server that is accessible from the Internet. Users not familiar with this process should restrict the server to only local connections (see below):

Restricting your server to local access

Most routers hide your FTP server from the outside world but this is another preventative step:

  1. From the menu, select "Server" -- "Settings".
  2. Under "General settings", select "IP filter"
  3. In the first box, type an asterisk "*" (no quotes)
  4. In the second box, type your local address. This should be "192.168.1.*" (no quotes) but different routers will use different numbers, usually "192.168.0.*" or "192.168.2.*".

Making your server remote-accessible

To connect to your home computer, you must enable an intermediary service. Most DSL or cable customers are protected from the outside world by several barriers. Talk to your provider about a static IP or look into services such as http://www.dyndns.org and http://www.no-ip.com (or other providers). Use a guide like this to help with setting up your DSL/Cable router. Look for "The Demilitarized Zone" in your router documentation and put your server's IP there.

Restricting Administrative Access

Under the "Edit menu" select "Settings" -- "admin interface settings," and look at the box labeled "select IP addresses which are allowed to interface."

Here, enter your local IP address, which will probably be "192.168.1.*" (do not include the quotes). Some routers use "192.168.0.*" or "192.168.2.*". Check your router documentation or open a Command Prompt window and type "IPCONFIG." The asterisk is a wildcard that means any computer connected directly to your router can administer the server.

Alternately (or additionally for increased security), you may also add a password. In the same window, check the "Change admin password" box and enter (and re-type in the next box) your password. For security, it should be as long as possible, but is required to be above 6 characters.

Speed limits

Download and upload speed limits are important to prevent your server from overloading your Internet connection. Under the options menu, under "speed limits," enter a constant speed limit that is below your maximum speed. Many cable customers will have around 50k download speed limit, and 200k upload limit (realizing that sounds backwards). In this case, you will wish to set a constant speed limit of around 30k download and 100k upload. This should prevent your server from interfering with your regular Internet usage.

Individual user accounts may be set to bypass any speed limits which is useful for local connections on the same router, described under "Setting up users" below. Additionally, under "Filetransfer compression," check the box next to "Exclude private IP address ranges", and enter the same "192.168.1.*" in the box below it.

Setting up encryption

Under SSL/TLS settings, check "Enable SSL/TSS support" box and click the "Generate new certificate" box at the bottom of the page. The computer will ask where to place a certificate, and then generate one. It is recommended to click the box next to "allow explicit SSL/TLS on normal connections." This will allow the flexibility to have some users use encryption for secure transfers, while others may avoid using the extra processor speed and slower transfer rates.

Setting up users

User settings are fairly intuitive but here are some loose suggestions:

  • Local Use - in order to keep connection speeds high between your server and local computers, it is important to turn off all compression, encryption, and speed limits.
  • Remote Use - to best protect your data, encryption and compression should be used together. To increase transfer speed, simply use compression.
  • Untrusted Users - you may restrict access to specific folders, write permissions, the capability to delete data, and much more. You may also require users to use encryption to prevent eavesdropping.
  • Groups of users - if you are enabling your server for a large number of people, it helps to create a user group of default settings. Usually, you should include a restriction on the total number of users and on the speed limit of individual connections. This will prevent bottlenecking.


Enterprise file servers

FileZilla Server is probably not suited for high security or large-scale operations. It is not recommended for use with government or for transferring highly sensitive information. As described in the license distributed with every copy of FileZilla or FileZilla Server, there is no warranty for this software. It is however probably much more secure than Windows networking alone.

Retrieved from "https://wiki.filezilla-project.org/wiki/index.php?title=FileZilla_FTP_Server&oldid=1638"