Prohibit system-level users from logging on to the FTP server.
To improve the security of the FTP server, the system administrator should set up separate FTP accounts for employees rather than handing system-level accounts to ordinary users, which brings great security risks. In the VSFTP server, login accounts can be managed through the configuration file vsftpd.ftpusers. This file is a blacklist: anyone listed in it cannot use that account to log on to the FTP server. After deploying the VSFTP server, we can view this file with the vi command and find that it already contains a number of default accounts, among them the system superuser root. For security reasons, then, the VSFTP server by default prohibits the root account from logging on to the FTP server. If the system administrator wants a system account such as root to log on to the FTP server, that user name must be deleted from this configuration file. However, allowing system accounts to log on to the FTP server harms its security, and I do not recommend that system administrators do so. The best practice for the system accounts in this file is to leave them unchanged and keep these default entries.
If you need to disable other accounts for other reasons, you can add the account name to this file. For example, the FTP server and a database server may be deployed on the same machine; in that case, for security reasons it is a good idea to add the database administrator's account to this blacklist.
Second, strengthen control over anonymous users.
Anonymous users are visitors who do not have an account defined on the FTP server, but FTP administrators still need to let them log in for convenience. Because they hold no authorization on the server, their permissions must be limited to improve the security of the server. The VSFTP server has many parameters that control the permissions of anonymous users, and the system administrator needs to configure them according to the required security level of the FTP server. It should be explained that the more restrictive the anonymous user's permissions, the higher the security of the FTP server, but the lower the convenience of user access. In the end, the system administrator still needs to strike a balance between the security and the convenience of the server.
Here are a few of my recommended configurations for anonymous users; you can refer to them if you are unsure how to configure these settings. They balance the security of the server with the convenience of users.
The first is the parameter anon_world_readable_only. This parameter controls whether anonymous users may only download files that are world-readable from the FTP server. If the FTP server is deployed within the enterprise and is used mainly by internal employees, it is best to set this parameter to YES. You can then place publicly available files, such as common forms, in a world-readable location so that employees can download them anonymously. This does not affect the security of the FTP server, and it makes other employees' work more convenient.
The second is the parameter anon_upload_enable. This parameter controls whether anonymous users can upload files to the FTP server. In general, it should be set to NO, meaning users are not allowed to upload files during anonymous access. Otherwise anyone could upload files, and if the other party uploads a virus-infected file, the enterprise will suffer for it. Therefore anonymous users should be prohibited from uploading files. There are exceptions, however. Some enterprises use the FTP protocol to back up files. In that case, if the security of the corporate network is guaranteed, you can set this parameter to YES, which allows the operating system to invoke the FTP command to back up files to the FTP server.
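The following POSIX sh audit is an added example, not code from the original article: it checks a vsftpd configuration for the two anonymous-user parameters recommended above and checks the blacklist for the root and database-administrator entries from the first section. The configuration files, the blacklist contents and the account name dbadmin are all constructed here as samples; a real installation keeps these files under /etc, at a path that varies by distribution.

```shell
# Constructed vsftpd.conf with the weak anonymous settings the text warns against.
WEAK_CONF=$(mktemp)
cat > "$WEAK_CONF" <<'EOF'
anonymous_enable=YES
write_enable=YES
anon_upload_enable=YES
anon_world_readable_only=NO
EOF

# Constructed vsftpd.conf with the recommended values.
SAFE_CONF=$(mktemp)
cat > "$SAFE_CONF" <<'EOF'
anonymous_enable=YES
write_enable=NO
anon_upload_enable=NO
anon_world_readable_only=YES
EOF

# Constructed blacklist (vsftpd.ftpusers): root kept, but the hypothetical
# database administrator account "dbadmin" has not been added yet.
BLACKLIST=$(mktemp)
printf 'root\nbin\ndaemon\n' > "$BLACKLIST"

# get_opt FILE KEY DEFAULT: value of KEY in FILE (last occurrence wins), or DEFAULT if unset.
get_opt() {
    v=$(grep -E "^$2=" "$1" | tail -n 1 | cut -d= -f2-)
    echo "${v:-$3}"
}

# audit_conf FILE: print one finding per weak setting; return 1 if any finding.
# vsftpd defaults are anon_upload_enable=NO and anon_world_readable_only=YES;
# an anonymous upload additionally needs write_enable=YES to take effect.
audit_conf() {
    rc=0
    if [ "$(get_opt "$1" anon_upload_enable NO)" = "YES" ]; then
        echo "FINDING: anon_upload_enable=YES lets any anonymous visitor upload files"; rc=1
    fi
    if [ "$(get_opt "$1" anon_world_readable_only YES)" != "YES" ]; then
        echo "FINDING: anon_world_readable_only=NO serves files that are not world-readable"; rc=1
    fi
    return $rc
}

# user_blocked BLACKLIST USER: succeed if USER is listed, i.e. denied FTP login.
user_blocked() { grep -qx "$2" "$1"; }

audit_conf "$WEAK_CONF" || echo "weak config: findings listed above"
audit_conf "$SAFE_CONF" && echo "safe config: no findings"
user_blocked "$BLACKLIST" root && echo "root is blocked"
user_blocked "$BLACKLIST" dbadmin || echo "dbadmin is NOT blocked: add it to the blacklist"
```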