##############################################################################

1. close the firewall service

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#systemctl stop firewalld.service                     //stop the firewall service

#systemctl disable firewalld.service                 //disable it to luanch when the system starts up

##############################################################################

2. install iptables

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#yum install iptables iptables-services                        //install iptables

#vim /etc/sysconfig/iptables                      //edit iptables' configuration file

# Firewall configuration written by system-config-firewall

# Manual customization of this file is not recommended.

*filter

:INPUT ACCEPT [0:0]

:FORWARD ACCEPT [0:0]

:OUTPUT ACCEPT [0:0]

-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

-A INPUT -p icmp -j ACCEPT

-A INPUT -i lo -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp --dport 10060:10090 -j ACCEPT

-A INPUT -j REJECT --reject-with icmp-host-prohibited

-A FORWARD -j REJECT --reject-with icmp-host-prohibited

COMMIT

Type  <-  :wq! -> to save it and leave it out.

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#systemctl restart iptables.service                   //restart the firewall for taking effect

#systemctl enable iptables.service                   //configure the iptables service automatically reboot when the system starts up

Notice that:   21 port is the FTP server's port, however, the ports which are needed on the passive mode of the vsftpd  are from 10060 port to 10090 port , these ports you can define by yourself, it is up to you.

##############################################################################

3. Close  SELINUX

vim /etc/selinux/config

#SELINUX=enforcing 

#SELINUXTYPE=targeted 

SELINUX=disabled

:wq! to save and leave it out.

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#setenforce 0                       //Enable configuration to take effect immediately

##############################################################################

4. Install vsftpd

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#yum install -y vsftpd     //install vsftpd

#yum install -y psmisc net-tools systemd-devel libdb-devel perl-DBI

# systemctl start vsftpd.service

#systemctl enable vsftpd.service

##############################################################################

5. Configure vsftpd server's configuation file

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.backup

anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
anon_upload_enable=NO

anon_mkdir_write_enable=YES

dirmessage_enable=YES

xferlog_enable=YES

connect_from_port_20=YES

chown_uploads=YES

#xferlog_file=/var/log/xferlog

xferlog_std_format=YES

idle_session_timeout=300

data_connection_timeout=1

#nopriv_user=ftpsecure

async_abor_enable=YES

ascii_upload_enable=YES

ascii_download_enable=YES

ftpd_banner=Welcome to blah FTP service.

#deny_email_enable=YES

#banned_email_file=/etc/vsftpd/banned_emails

chroot_local_user=YES

#chroot_list_enable=YES

#chroot_list_file=/etc/vsftpd/chroot_list

#ls_recurse_enable=YES

listen=NO

listen_ipv6=YES

pam_service_name=vsftpd

userlist_enable=YES

tcp_wrappers=YES

use_localtime=YES

listen_port=21

guest_enable=YES

guest_username=vsftpd

user_config_dir=/etc/vsftpd/vconf

virtual_use_local_privs=YES

pasv_min_port=10060

pasv_max_port=10090

accept_timeout=5

connect_timeout=1

allow_writeable_chroot=YES

##############################################################################

6. create a virtual user list file

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#touch /etc/vsftpd/virtusers

#vim /etc/vsftpd/virtusers

web1

123456

web2

123456

web3

123456

:wq! to save and leave it out.

##############################################################################

7. generate a virtual user data file

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#db_load -T -t hash -f /etc/vsftpd/virtusers /etc/vsftpd/virtusers.db

#chmod 600 /etc/vsftpd/virtusers.db

##############################################################################

8. Edit /etc/pam.d/vsftpd file and add some information as below

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#cp /etc/pam.d/vsftpd /etc/pam.d/vsftpd.backup

#vim /etc/pam.d/vsftpd

auth sufficient /lib64/security/pam_userdb.so db=/etc/vsftpd/virtusers

account sufficient /lib64/security/pam_userdb.so db=/etc/vsftpd/virtusers

Note that:   if your system is 32bit system, you can modify lib64 into lib, or you will fail to configure it correct.

##############################################################################

9. Create a system user vsftpd, its home directory is /home/wwwroot, set user login console as /bin/false (in order to disable its login function)

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#useradd vsftpd -m -d /home/wwwroot -s /bin/false

##############################################################################

10.  Create the configuration file for the virtual user vsftpd

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#mkdir /etc/vsftpd/vconf

#cd /etc/vsftpd/vconf

#touch web1 web2 web3

#mkdir -p /home/wwwroot/web1/http/

#mkdir -p /home/wwwroot/web2/http/

#mkdir -p /home/wwwroot/web3/http/

#vim web1

local_root=/home/wwwroot/web1/http/

write_enable=YES

anon_world_readable_only=NO

anon_upload_enable=YES

anon_mkdir_write_enable=YES

anon_other_write_enable=YES

#vim web2

local_root=/home/wwwroot/web2/http/

write_enable=YES

anon_world_readable_only=NO

anon_upload_enable=YES

anon_mkdir_write_enable=YES

anon_other_write_enable=YES

#vim web3

local_root=/home/wwwroot/web3/http/

write_enable=YES

anon_world_readable_only=NO

anon_upload_enable=YES

anon_mkdir_write_enable=YES

anon_other_write_enable=YES

##############################################################################

11. Restart vsftpd server

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#systemctl restart vsftpd.service

          ##############################################################################

  

                                Thank you for your reading!

                 That's all, at the same time, it's my pleasure to share something I know, hope it will be helpful for you.

  

          ##############################################################################

Setup and Configure the vsftpd server in CentOS 7 operation system的更多相关文章

  1. Setup VSFTPD Server with Virtual Users On CentOS, RHEL, Scientific Linux 6.5/6.4/6.3

    We have already shown you How to Setup VSFTPD Server on CentOS 6.5/6.4 in our previous article. In t ...

  2. Setup FTP Server On CentOS, RHEL, Scientific Linux 6.5/6.4/6.3

    setsebool allow_ftpd_full_access onsetsebool -P ftp_home_dir on vsftpd (Very Secure File Transport P ...

  3. setup FTP server on CentOS 7

    Setup FTP Server on CentOS 7 Install vsftpd vsftpd (Very Secure File Transport Protocol Daemon) is a ...

  4. Setup Git Server in CentOS 6.3

    0. Environment: Server machine: CentOS 6.3 x86 Client machine: Windows 10 Pro x86_64 1. Install ssh ...

  5. Installing MySQL Server on CentOS

    MySQL is an open-source relational database. For those unfamiliar with these terms, a database is wh ...

  6. How to: Set up Openswan L2TP VPN Server on CentOS 6

    Have you ever wanted to set up your own VPN server? By following the steps below, you can set up you ...

  7. Install RabbitMQ server in CentOS 7

    About RabbitMQ RabbitMQ is an open source message broker software, also sometimes known as message-o ...

  8. Tigase XMPP Server在CentOS部署和配置

    Tigase XMPP Server在CentOS部署与配置 作者:chszs,转载需注明.博客主页:http://blog.csdn.net/chszs 以下讲述Tigase XMPP Server ...

  9. You must configure either the server or JDBC driver (via the serverTimezone configuration property

    使用JDBC连接MySql时出现:The server time zone value '�й���׼ʱ��' is unrecognized or represents more than one ...

随机推荐

  1. HIbernate实体类注解配置

    一.类级别注解 1.@Entity(name="EntityName") 必须 name为可选,对应数据库中一的个表 2.@Table(name="",cata ...

  2. Windows下chm转换为html的超简单方法

    摘要:通过调用Windows命令,将chm 文件转换为html 文件 概述:很多程序员朋友都会遇到这样的问题,看一个离线版的帮助文档(chm文件),总会产生一个索引文件(该文件的chw文件), 而且有 ...

  3. 深入浅出AQS之独占锁模式

    每一个Java工程师应该都或多或少了解过AQS,我自己也是前前后后,反反复复研究了很久,看了忘,忘了再看,每次都有不一样的体会.这次趁着写博客,打算重新拿出来系统的研究下它的源码,总结成文章,便于以后 ...

  4. js中+号的另外一种用法

    JavaScript中可以在某个元素前使用 ‘+’ 号,这个操作是将该元素转换成Number类型,如果转换失败,那么将得到 NaN. 所以 +new Date 将会调用 Date.prototype ...

  5. Run Away 模拟退火

    Run Away Time Limit:5000MS     Memory Limit:32768KB     64bit IO Format:%I64d & %I64u Submit Sta ...

  6. bzoj1051(明星奶牛)

    这道就是明星奶牛,A了一次又一次了,(⊙o⊙)-(⊙o⊙)- 去年pas就打了不下5次,就是强联通缩点,然后求出度为0的块 判断有多个的话就无解,一个就输出块的大小. #include<cstd ...

  7. ios实现无限后台任务

    需求 我们的app是使用心跳机制来保持用户的登陆状态,这样才能收到服务器发来的消息和命令,但是当app进入后台以后大约3分钟或者10分钟之后app就会被系统挂起,用户就会超时下线,这样就必须保持app ...

  8. 记住密码"功能的正确设计

    Web上的用户登录功能应该是最基本的功能了,可是在我看过一些站点的用户登录功能后,我觉得很有必要写一篇文章教大家怎么来做用户登录功能.下面的文章告诉大家这个功能可能并没有你所想像的那么简单,这是一个关 ...

  9. webpack——devtool里的7种SourceMap模式

    我们先来看看文档对这 7 种模式的解释: 模式 解释 eval 每个module会封装到 eval 里包裹起来执行,并且会在末尾追加注释 //@ sourceURL. source-map 生成一个S ...

  10. 服务器cpu100%问题分析

    ecs 130 : slb: