##############################################################################

1. close the firewall service

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#systemctl stop firewalld.service                     //stop the firewall service

#systemctl disable firewalld.service                 //disable it to luanch when the system starts up

##############################################################################

2. install iptables

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#yum install iptables iptables-services                        //install iptables

#vim /etc/sysconfig/iptables                      //edit iptables' configuration file

# Firewall configuration written by system-config-firewall

# Manual customization of this file is not recommended.

*filter

:INPUT ACCEPT [0:0]

:FORWARD ACCEPT [0:0]

:OUTPUT ACCEPT [0:0]

-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

-A INPUT -p icmp -j ACCEPT

-A INPUT -i lo -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp --dport 10060:10090 -j ACCEPT

-A INPUT -j REJECT --reject-with icmp-host-prohibited

-A FORWARD -j REJECT --reject-with icmp-host-prohibited

COMMIT

Type  <-  :wq! -> to save it and leave it out.

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#systemctl restart iptables.service                   //restart the firewall for taking effect

#systemctl enable iptables.service                   //configure the iptables service automatically reboot when the system starts up

Notice that:   21 port is the FTP server's port, however, the ports which are needed on the passive mode of the vsftpd  are from 10060 port to 10090 port , these ports you can define by yourself, it is up to you.

##############################################################################

3. Close  SELINUX

vim /etc/selinux/config

#SELINUX=enforcing 

#SELINUXTYPE=targeted 

SELINUX=disabled

:wq! to save and leave it out.

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#setenforce 0                       //Enable configuration to take effect immediately

##############################################################################

4. Install vsftpd

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#yum install -y vsftpd     //install vsftpd

#yum install -y psmisc net-tools systemd-devel libdb-devel perl-DBI

# systemctl start vsftpd.service

#systemctl enable vsftpd.service

##############################################################################

5. Configure vsftpd server's configuation file

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.backup

anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
anon_upload_enable=NO

anon_mkdir_write_enable=YES

dirmessage_enable=YES

xferlog_enable=YES

connect_from_port_20=YES

chown_uploads=YES

#xferlog_file=/var/log/xferlog

xferlog_std_format=YES

idle_session_timeout=300

data_connection_timeout=1

#nopriv_user=ftpsecure

async_abor_enable=YES

ascii_upload_enable=YES

ascii_download_enable=YES

ftpd_banner=Welcome to blah FTP service.

#deny_email_enable=YES

#banned_email_file=/etc/vsftpd/banned_emails

chroot_local_user=YES

#chroot_list_enable=YES

#chroot_list_file=/etc/vsftpd/chroot_list

#ls_recurse_enable=YES

listen=NO

listen_ipv6=YES

pam_service_name=vsftpd

userlist_enable=YES

tcp_wrappers=YES

use_localtime=YES

listen_port=21

guest_enable=YES

guest_username=vsftpd

user_config_dir=/etc/vsftpd/vconf

virtual_use_local_privs=YES

pasv_min_port=10060

pasv_max_port=10090

accept_timeout=5

connect_timeout=1

allow_writeable_chroot=YES

##############################################################################

6. create a virtual user list file

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#touch /etc/vsftpd/virtusers

#vim /etc/vsftpd/virtusers

web1

123456

web2

123456

web3

123456

:wq! to save and leave it out.

##############################################################################

7. generate a virtual user data file

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#db_load -T -t hash -f /etc/vsftpd/virtusers /etc/vsftpd/virtusers.db

#chmod 600 /etc/vsftpd/virtusers.db

##############################################################################

8. Edit /etc/pam.d/vsftpd file and add some information as below

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#cp /etc/pam.d/vsftpd /etc/pam.d/vsftpd.backup

#vim /etc/pam.d/vsftpd

auth sufficient /lib64/security/pam_userdb.so db=/etc/vsftpd/virtusers

account sufficient /lib64/security/pam_userdb.so db=/etc/vsftpd/virtusers

Note that:   if your system is 32bit system, you can modify lib64 into lib, or you will fail to configure it correct.

##############################################################################

9. Create a system user vsftpd, its home directory is /home/wwwroot, set user login console as /bin/false (in order to disable its login function)

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#useradd vsftpd -m -d /home/wwwroot -s /bin/false

##############################################################################

10.  Create the configuration file for the virtual user vsftpd

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#mkdir /etc/vsftpd/vconf

#cd /etc/vsftpd/vconf

#touch web1 web2 web3

#mkdir -p /home/wwwroot/web1/http/

#mkdir -p /home/wwwroot/web2/http/

#mkdir -p /home/wwwroot/web3/http/

#vim web1

local_root=/home/wwwroot/web1/http/

write_enable=YES

anon_world_readable_only=NO

anon_upload_enable=YES

anon_mkdir_write_enable=YES

anon_other_write_enable=YES

#vim web2

local_root=/home/wwwroot/web2/http/

write_enable=YES

anon_world_readable_only=NO

anon_upload_enable=YES

anon_mkdir_write_enable=YES

anon_other_write_enable=YES

#vim web3

local_root=/home/wwwroot/web3/http/

write_enable=YES

anon_world_readable_only=NO

anon_upload_enable=YES

anon_mkdir_write_enable=YES

anon_other_write_enable=YES

##############################################################################

11. Restart vsftpd server

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#systemctl restart vsftpd.service

          ##############################################################################

  

                                Thank you for your reading!

                 That's all, at the same time, it's my pleasure to share something I know, hope it will be helpful for you.

  

          ##############################################################################

Setup and Configure the vsftpd server in CentOS 7 operation system的更多相关文章

  1. Setup VSFTPD Server with Virtual Users On CentOS, RHEL, Scientific Linux 6.5/6.4/6.3

    We have already shown you How to Setup VSFTPD Server on CentOS 6.5/6.4 in our previous article. In t ...

  2. Setup FTP Server On CentOS, RHEL, Scientific Linux 6.5/6.4/6.3

    setsebool allow_ftpd_full_access onsetsebool -P ftp_home_dir on vsftpd (Very Secure File Transport P ...

  3. setup FTP server on CentOS 7

    Setup FTP Server on CentOS 7 Install vsftpd vsftpd (Very Secure File Transport Protocol Daemon) is a ...

  4. Setup Git Server in CentOS 6.3

    0. Environment: Server machine: CentOS 6.3 x86 Client machine: Windows 10 Pro x86_64 1. Install ssh ...

  5. Installing MySQL Server on CentOS

    MySQL is an open-source relational database. For those unfamiliar with these terms, a database is wh ...

  6. How to: Set up Openswan L2TP VPN Server on CentOS 6

    Have you ever wanted to set up your own VPN server? By following the steps below, you can set up you ...

  7. Install RabbitMQ server in CentOS 7

    About RabbitMQ RabbitMQ is an open source message broker software, also sometimes known as message-o ...

  8. Tigase XMPP Server在CentOS部署和配置

    Tigase XMPP Server在CentOS部署与配置 作者:chszs,转载需注明.博客主页:http://blog.csdn.net/chszs 以下讲述Tigase XMPP Server ...

  9. You must configure either the server or JDBC driver (via the serverTimezone configuration property

    使用JDBC连接MySql时出现:The server time zone value '�й���׼ʱ��' is unrecognized or represents more than one ...

随机推荐

  1. TestNG操作详解

    运行测试步骤方法有如下两种: 1. 直接在Eclipse运行testNG的测试用例, 在代码编辑区域鼠标右键, 选择Run as ->testNG Test 2. 在工程的根目录下, 建立tes ...

  2. Android 之json解析

    JSON(JavaScript Object Notation) 定义:字符串 键值对 解析方法有JSON,谷歌GSON,阿里巴巴FastJSON(推荐) 一种轻量级的数据交换格式,具有良好的可读和便 ...

  3. 关于Android WebView上传文件的解决方案

    我们在开发需求的时候,难免会接入一下第三方的H5页面,有些H5页面是具有上传照片的功能,Android 中的 WebView是不能直接打开文件选择弹框的 接下来我讲简单提供一下解决方案,先说一下思路 ...

  4. 翻译连载 | 第 9 章:递归(下)-《JavaScript轻量级函数式编程》 |《你不知道的JS》姊妹篇

    原文地址:Functional-Light-JS 原文作者:Kyle Simpson-<You-Dont-Know-JS>作者 关于译者:这是一个流淌着沪江血液的纯粹工程:认真,是 HTM ...

  5. WaitAll 和 WhenAll 的使用及区别

    用过.net 异步编程的同学都知道,比以前的多线程编程实现起来真的方便很多,今天把WaitAll和WhenAll这两种编程方式回顾总结一下(当然WaitAny.WhenAny是一样的操作) 1:Wai ...

  6. java集合系列——List集合之LinkedList介绍(三)

    1. LinkedList的简介 JDK 1.7 LinkedList是基于链表实现的,从源码可以看出是一个双向链表.除了当做链表使用外,它也可以被当作堆栈.队列或双端队列进行操作.不是线程安全的,继 ...

  7. crontab的两大坑:百分号和环境变量

    今天想给服务器加个自动备份mysql数据库的功能(别怪我这么久才加,阿里云每天全盘备份的,不怕丢数据库),本以为只要5分钟就能搞定的,结果入了两个大坑. 我的crontab是这样写的: * * * m ...

  8. javascript中DOM集锦(二)

    <!DOCTYPE html> <html> <head> <meta charset="utf-8"> <title> ...

  9. python pyqt

    一.控件 1.单行文本框QLineText clear() 清除文本框中的内容contextMenuEvent() 右键菜单事件copy() 复制文本框中的内容cut() 剪切文本框中的内容paste ...

  10. Recall(召回率)and Precision(精确率)

    ◆版权声明:本文出自胖喵~的博客,转载必须注明出处. 转载请注明出处:http://www.cnblogs.com/by-dream/p/7668501.html 前言 机器学习中经过听到" ...