The main advantages of FileZilla are: High Security, high-performance. Filazilla's security comes from its open source code. Why can open source guarantee security? After each software product was born, many people tried to discover its vulnerabilities to attack in order to gain privileges and other benefits. In the case of Open-source software, an attacker would download the source code of the software, analyze its internal vulnerabilities from the source, and attack. The larger the size of open source, the more people download the source code, the more popular the software. As it gradually improved, the vulnerabilities became less and fewer, finally becoming a highly secure software that was inseparable from the contribution of tens of thousands of of programmers on the Internet. This kind of software representative is the Linux platform under the Apache, PHP, MySQL, Bind, vsftpd and so on a large number of high reliability software. The closed source software is not open source, people can not study it, therefore, only he as a "black box" to study the process of research, there is no source code, it is difficult to find its error. Even if you find some errors, there are more vulnerabilities hidden in the code, but because the code is not open, so people can not find in the short term, later use will expose a lot of problems. Some closed-source software even retains a "backdoor" to facilitate remote control, such as windows, such as Serv-u. and open source software code is opened, if the developer inside the "back door" and other dangerous code, will be the internet on the vast number of programmers, therefore, here also can be seen, open source, is the best guarantee of security.
FileZilla's high performance comes from the development platform for its code, which is based on applications that are better than those developed by other vb/dephi platforms, and so FileZilla has performance comparable to that of IIS. In gigabit network bandwidth, can easily meet hundreds of users at the same time high-speed download.
At present, there are some deficiencies in FileZilla, the main disadvantage is not to support quotas, that is, does not provide upload, download the total file size quota function. Even so, the free filezilla is more and more occupy the original serv-u and other software market, become more close to the user.
Installation
The installation process is very simple, first download the FileZilla server installation file, and then download the installation package to the desktop, ready to install.
Double-click Setup to start the installation. Click "I Agree" to continue.
Select the installation method, the default standard can be. Where "source code" sources generally do not install, unless you want to study the FileZilla code.
Select the installation path and strongly recommend that you install to a non-default path to increase the safety factor. For example, the following path:
Select the option "Install as a service and randomly start automatically". The bottom 14147 is the management port, and it is highly recommended to modify this port, for example, to 38121 ports. (Note that you do not conflict with common services such as 80 ports.)
Select the option to start the admin interface when the administrator logs on.
Installation in progress.
When Setup is complete, Setup automatically launches the management console, which by default is a management port connected to this computer. Management port in the end is how much, please refer to the previous installation process to fill in the number of specific numbers. It is recommended that the "Always connect to this server" option be selected, which means that each time the management console is started, it is the FileZilla service that manages the local computer. Below is a dialog box for entering a password, in which you enter the password for the server FileZilla service.
Note: It is important to modify the port and password, which is the key to ensure FileZilla security, you must modify the port, you must set a password! Password advice is complicated enough!
Click OK, you can start after the initialization of the management console, configuration completed.
Third, the configuration
1. Basic Setup
FileZilla The default mode is Port mode, not passive passive mode. In order to resolve client connectivity problems after a firewall, it is best to enable passive mode. To start passive mode, first open the management console and click the third icon on the left to enter the system setup.
Click on the left "welcom message" menu, that is, FTP login after the welcome information.
For security reasons, it is strongly recommended that you modify the default welcome message "Welcom to Serv-u FTP Server" so that FileZilla will serv-u the words in the welcome message to deceive the attacker. Note: This step is very important!
Now we use Telnet to connect the FTP 21 port, you can see the modified "false" message, so that the security of the server can be more obvious improvement.
Next, click the "Passive Mode settings" option to enter the passive mode setting.
Select the option to start the passive mode port range, and enter the 10000~10050 port range, which indicates that the passive mode will use this range of ports.
Click OK to save it. Next, allow the 10000~10050 port range to enter and exit on the firewall, or
Direct Internet access for FileZilla Server.exe main program is allowed.
The final step of the installation is to reinforce the permissions, find the FileZilla configuration file, format it in XML format, right-click on it, and select Properties.
Join the Guest group to prohibit read and write permission, set to deny.
Click OK, the system will pop-up prompts, ask the refusal permission priority higher than allow permission, whether to continue, click is through.
This initializes the basic configuration complete.
2. Anonymous FTP Configuration
First open the Management console, click the Fourth icon on the left to enter the system settings.
Open the FTP User management interface, click on the right button to add new users.
In the New User's dialog box, enter the name "Anonymous", the anonymous user of FTP.
Click to confirm, add user complete, return to user admin interface.
Click on the "Shared Folders" menu on the left. Click the Add button to add a table of contents.
To open the Browse folder option, select the directory to which you want to set up FTP.
Click OK to add user complete.
Now that the user FTP client is connected to the FileZilla server, you can see that anonymous FTP has been configured to complete.
3. Standard FTP User Configuration
First enter the user settings interface, click the "Add" button to add new FTP users.
Enter user name test.
Select the Password box at the front of the selection and enter the password 123456.
Return to the user admin interface, click the Set folder directory, click Add Add Directory.
Add a directory to the test user.
Add complete, and then the right to select the test user's permissions on the directory, and then click on the left of the OK button, configuration completed.
Configuration complete. You can now use the client to test the login.
Open the FTP client software and enter test username and password 123456 to log on to the server.
After the successful login, you can see the FTP directory just developed files, and have the appropriate upload, download permissions.
4. Virtual directory Configuration
Setting up a virtual directory is a more manageable option when you have multiple directories that need to be shared. Typically, an FTP server needs to have a home master directory, and then set up several virtual directories.
First enter the user management interface, select the test user, select the current set of directories.
Click on the "Set as Home dir" option to set the current directory to the master directory.
Click the Add button to add a different directory to the original directory, such as selecting a desktop directory.
The new directory has been added to the catalog list. Add "Alias" At this point and click on the "Alias" Space.
Add a aliases alias, note that it must begin with a "/" symbol to indicate that it is a virtual directory under the root directory.
Add complete. Now you can login to FTP, you can see the virtual directory.
After you log on to FTP, you can see that the virtual directory appears in the directory of the test user.
This virtual directory setting is complete.
5. Strengthening FileZilla safety
• Install FileZilla to non-standard catalogs
• Install the FileZilla management port during installation to listen for random ports on the 127.0.0.1, such as 38471 odd unused ports.
• Set FileZilla admin password during installation and set password is complex enough
• Set guests permission to disallow read on XML configuration files in the FileZilla directory
• Modify FTP login Prompt information for IIS, serv-u and other information
• Do not open SSL encryption, SFTP and other functions, to avoid future vulnerabilities
After some configuration, FileZilla can achieve high security.