##############################################################################

1. close the firewall service

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#systemctl stop firewalld.service                     //stop the firewall service

#systemctl disable firewalld.service                 //disable it to luanch when the system starts up

##############################################################################

2. install iptables

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#yum install iptables iptables-services                        //install iptables

#vim /etc/sysconfig/iptables                      //edit iptables' configuration file

# Firewall configuration written by system-config-firewall

# Manual customization of this file is not recommended.

*filter

:INPUT ACCEPT [0:0]

:FORWARD ACCEPT [0:0]

:OUTPUT ACCEPT [0:0]

-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

-A INPUT -p icmp -j ACCEPT

-A INPUT -i lo -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp --dport 10060:10090 -j ACCEPT

-A INPUT -j REJECT --reject-with icmp-host-prohibited

-A FORWARD -j REJECT --reject-with icmp-host-prohibited

COMMIT

Type  <-  :wq! -> to save it and leave it out.

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#systemctl restart iptables.service                   //restart the firewall for taking effect

#systemctl enable iptables.service                   //configure the iptables service automatically reboot when the system starts up

Notice that:   21 port is the FTP server's port, however, the ports which are needed on the passive mode of the vsftpd  are from 10060 port to 10090 port , these ports you can define by yourself, it is up to you.

##############################################################################

3. Close  SELINUX

vim /etc/selinux/config

#SELINUX=enforcing 

#SELINUXTYPE=targeted 

SELINUX=disabled

:wq! to save and leave it out.

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#setenforce 0                       //Enable configuration to take effect immediately

##############################################################################

4. Install vsftpd

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#yum install -y vsftpd     //install vsftpd

#yum install -y psmisc net-tools systemd-devel libdb-devel perl-DBI

# systemctl start vsftpd.service

#systemctl enable vsftpd.service

##############################################################################

5. Configure vsftpd server's configuation file

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.backup

anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
anon_upload_enable=NO

anon_mkdir_write_enable=YES

dirmessage_enable=YES

xferlog_enable=YES

connect_from_port_20=YES

chown_uploads=YES

#xferlog_file=/var/log/xferlog

xferlog_std_format=YES

idle_session_timeout=300

data_connection_timeout=1

#nopriv_user=ftpsecure

async_abor_enable=YES

ascii_upload_enable=YES

ascii_download_enable=YES

ftpd_banner=Welcome to blah FTP service.

#deny_email_enable=YES

#banned_email_file=/etc/vsftpd/banned_emails

chroot_local_user=YES

#chroot_list_enable=YES

#chroot_list_file=/etc/vsftpd/chroot_list

#ls_recurse_enable=YES

listen=NO

listen_ipv6=YES

pam_service_name=vsftpd

userlist_enable=YES

tcp_wrappers=YES

use_localtime=YES

listen_port=21

guest_enable=YES

guest_username=vsftpd

user_config_dir=/etc/vsftpd/vconf

virtual_use_local_privs=YES

pasv_min_port=10060

pasv_max_port=10090

accept_timeout=5

connect_timeout=1

allow_writeable_chroot=YES

##############################################################################

6. create a virtual user list file

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#touch /etc/vsftpd/virtusers

#vim /etc/vsftpd/virtusers

web1

123456

web2

123456

web3

123456

:wq! to save and leave it out.

##############################################################################

7. generate a virtual user data file

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#db_load -T -t hash -f /etc/vsftpd/virtusers /etc/vsftpd/virtusers.db

#chmod 600 /etc/vsftpd/virtusers.db

##############################################################################

8. Edit /etc/pam.d/vsftpd file and add some information as below

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#cp /etc/pam.d/vsftpd /etc/pam.d/vsftpd.backup

#vim /etc/pam.d/vsftpd

auth sufficient /lib64/security/pam_userdb.so db=/etc/vsftpd/virtusers

account sufficient /lib64/security/pam_userdb.so db=/etc/vsftpd/virtusers

Note that:   if your system is 32bit system, you can modify lib64 into lib, or you will fail to configure it correct.

##############################################################################

9. Create a system user vsftpd, its home directory is /home/wwwroot, set user login console as /bin/false (in order to disable its login function)

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#useradd vsftpd -m -d /home/wwwroot -s /bin/false

##############################################################################

10.  Create the configuration file for the virtual user vsftpd

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#mkdir /etc/vsftpd/vconf

#cd /etc/vsftpd/vconf

#touch web1 web2 web3

#mkdir -p /home/wwwroot/web1/http/

#mkdir -p /home/wwwroot/web2/http/

#mkdir -p /home/wwwroot/web3/http/

#vim web1

local_root=/home/wwwroot/web1/http/

write_enable=YES

anon_world_readable_only=NO

anon_upload_enable=YES

anon_mkdir_write_enable=YES

anon_other_write_enable=YES

#vim web2

local_root=/home/wwwroot/web2/http/

write_enable=YES

anon_world_readable_only=NO

anon_upload_enable=YES

anon_mkdir_write_enable=YES

anon_other_write_enable=YES

#vim web3

local_root=/home/wwwroot/web3/http/

write_enable=YES

anon_world_readable_only=NO

anon_upload_enable=YES

anon_mkdir_write_enable=YES

anon_other_write_enable=YES

##############################################################################

11. Restart vsftpd server

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#systemctl restart vsftpd.service

          ##############################################################################

  

                                Thank you for your reading!

                 That's all, at the same time, it's my pleasure to share something I know, hope it will be helpful for you.

  

          ##############################################################################

Setup and Configure the vsftpd server in CentOS 7 operation system的更多相关文章

  1. Setup VSFTPD Server with Virtual Users On CentOS, RHEL, Scientific Linux 6.5/6.4/6.3

    We have already shown you How to Setup VSFTPD Server on CentOS 6.5/6.4 in our previous article. In t ...

  2. Setup FTP Server On CentOS, RHEL, Scientific Linux 6.5/6.4/6.3

    setsebool allow_ftpd_full_access onsetsebool -P ftp_home_dir on vsftpd (Very Secure File Transport P ...

  3. setup FTP server on CentOS 7

    Setup FTP Server on CentOS 7 Install vsftpd vsftpd (Very Secure File Transport Protocol Daemon) is a ...

  4. Setup Git Server in CentOS 6.3

    0. Environment: Server machine: CentOS 6.3 x86 Client machine: Windows 10 Pro x86_64 1. Install ssh ...

  5. Installing MySQL Server on CentOS

    MySQL is an open-source relational database. For those unfamiliar with these terms, a database is wh ...

  6. How to: Set up Openswan L2TP VPN Server on CentOS 6

    Have you ever wanted to set up your own VPN server? By following the steps below, you can set up you ...

  7. Install RabbitMQ server in CentOS 7

    About RabbitMQ RabbitMQ is an open source message broker software, also sometimes known as message-o ...

  8. Tigase XMPP Server在CentOS部署和配置

    Tigase XMPP Server在CentOS部署与配置 作者:chszs,转载需注明.博客主页:http://blog.csdn.net/chszs 以下讲述Tigase XMPP Server ...

  9. You must configure either the server or JDBC driver (via the serverTimezone configuration property

    使用JDBC连接MySql时出现:The server time zone value '�й���׼ʱ��' is unrecognized or represents more than one ...

随机推荐

  1. Java实现3DES加密--及ANSI X9.8 Format标准 PIN PAN获取PIN BlOCK

    1, 采用银联ANSI X9.8标准 PIN xor PAN获取PIN BlOCK 2, 采用3Des进行加密 参考: des和3Des加密算法实现 要点:因为3DES是对称加密算法,key是24位, ...

  2. 分享基于分布式Http长连接框架--架构模型

    我画了个简单的架构图来帮助说明: 其实为发布订阅架构模式. 生产者和消费者我们统一可理解为客户端,消息中间件可认为是服务端. 生产者和消费者做为客户端要跟服务端交互,则先通过代理订阅服务端,订阅成功后 ...

  3. Detect Capital

    Given a word, you need to judge whether the usage of capitals in it is right or not. We define the u ...

  4. PHP和JS判断变量是否定义

    PHP中: 通过isset(变量名)来判断,定义返回true/未定义返回false JS中: 通过typeof来判断.

  5. spring 内部工作机制(一)

    Spring内部机制的内容较多,所以打算多分几个阶段来写. 本章仅探索Spring容器启动做了哪些事: 前言: 都说Spring容器就像一台构造精妙的机器,此话一点不假,我们通过配置文件向机器传达控制 ...

  6. 电脑IP地址被占用如何释放?

    回车后,关机,等待5分钟左右再开机,就释放掉了.

  7. PBOC圈存时用到3DES加密解密以及MAC计算方法

    最近在做PBOC圈存时用到了3DES的加密解密以及MAC计算问题,在网上了解一些知识,复制了一些demo学习,我这里没有深入研究,只是把我用到的和了解的做个总结,便于以后使用和学习. 3DES分双倍长 ...

  8. ThinkJS框架入门详细教程(二)新手入门项目

    一.准备工作 参考前一篇:ThinkJS框架入门详细教程(一)开发环境 安装thinkJS命令 npm install -g think-cli 监测是否安装成功 thinkjs -v 二.创建项目 ...

  9. Javascript/Jquery操作数组,增删改查以及动态创建HTML元素

    <html> <head> <title> New Document </title> <script src="~/Scripts/j ...

  10. 在SQL中用正则表达式替换html标签(2)

    由于数据库的一个表字段中多包含html标签,现在需要修改数据库的字段把html标签都替换掉.当然我可以通过写一个程序去修改,那毕竟有点麻烦.直接在查询分析器中执行,但是MS SQL Server并没有 ...