1. Prohibit system-level users from logging on to the FTP server.
To improve the security of the FTP server, it is best for the system administrator to set up a separate FTP account for the employee, rather than giving the system-level users to ordinary users, which brings great security risks. On the vsftp server, you can use the configuration file vsftpd. ftpusers to manage the login account. However, this account is a blacklist, and the account owner cannot use the account to log on to the FTP server. After deploying the vsftp server, we can use the VI command to view the configuration file and find that it already has many default accounts. Among them, the system's Super User Root is also in it. It can be seen that for security reasons, by default, the vsftp server prohibits the root account from logging on to the FTP server. If the system administrator wants root and other system accounts to log on to the FTP server, delete the relevant user names such as root in this configuration file. However, allowing the system account to log on to the FTP server has a negative impact on its security. Therefore, I do not recommend that the system administrator do this. Do not change the system account administrator in this file. Keep the settings of these accounts.
If you need to disable other accounts for other reasons, you can add the account name to this file. For example, the FTP server and database server may be deployed simultaneously on the server. To ensure security, it is a good practice to add the account of the database administrator to this blacklist.
2. strengthen control over anonymous users.
Anonymous users refer to those accounts that are not defined in the FTP server, and FTP System Administrators still need to log on to them for ease of management. However, they have not obtained server authorization. To improve server security, they must restrict their permissions. On the vsftp server, many parameters can be used to control the permissions of anonymous users. The system administrator must configure the FTP server according to its security level. It should be noted that the stricter the permission Control for anonymous users, the higher the security of the FTP server, but the convenience of user access will also be reduced. Therefore, the system administrator still needs to achieve a balance between server security and convenience.
The following are some of my recommended configurations for anonymous users. If you do not know how to configure them, refer to these configurations. These configurations take into account server security and user convenience.
First, the anon_world_readable_only parameter. This parameter is mainly used to control whether anonymous users can download readable files from the FTP server. If the FTP server is deployed inside the enterprise and is mainly used by employees inside the Enterprise, set this parameter to yes. Then, some common enterprise tables and other publicly accessible files are placed on them, allowing employees to download these files anonymously. This will not affect the security of the FTP server, but also facilitate the operation of other employees.
The second is the anon_upload_enable parameter. This parameter indicates whether an anonymous user can upload files to the FTP server during anonymous access. In general, set this parameter to No. That is, users are not allowed to upload files during anonymous access. Otherwise, if anyone can upload a file, the company will not suffer if the other party uploads a virus file. Therefore, anonymous users are prohibited from uploading files. But this is also an exception. For example, some enterprises use the FTP protocol to back up files. In this case, if the enterprise network security is guaranteed, you can set this parameter to yes, that is, allow the operating system to call the FTP command to back up files on the FTP server. In this case, to simplify backupProgramUsually anonymous access is used for deployment. Therefore, you must allow anonymous users to upload files on the FTP server.
The third is the anon_other_write_enable parameter and the anon_mkdir_write_enable parameter. These two parameters mainly involve some advanced permissions of anonymous users. For example, the first parameter indicates that an anonymous user has the permission to upload and create sub-directories, such as changing the file name on the FTP server. The second parameter indicates that anonymous users can create sub-directories under specific circumstances. These functions will affect the security of the FTP server and the security of files. For this reason, these permissions should be disabled unless otherwise required. Set the value of these parameters to No. In my opinion, these parameters can be enabled unless the FTP server is played by the system administrator. Otherwise, it is better to set these parameters to no to improve the security of the FTP server.
In general, anonymous user control should follow the minimum permission principle. Anonymous Users are unauthorized users on the FTP server, so they cannot perform deep-level access control. Therefore, only these basic parameters can be used for control.
3. Control directories.
Generally, the system administrator needs to set different root directories for different users. For the sake of security, if different users are not allowed to interfere with each other, the system administrator needs to set up to prevent users from accessing the root directories of other users. For example, some enterprises have set up an FTP account for each department to facilitate file exchange. The sales department has a root directory sales, and the warehouse department has a root directory ware. As a sales employee, they can access any sub-directories under their root directories, but cannot access the repository user's root directory ware. In this case, employees in the sales department cannot access the files of the warehouse users. It can be seen that by limiting users to access directories other than the root directory, different users can prevent mutual interference to improve the file security on the FTP server. To achieve this, you can set the parameter chroot_local_user to No. After this setting, all users logging on locally cannot access any directory other than the root directory. However, during this control, it is best to set a directory that everyone can access to store some public files. We need to ensure the security of the server and prevent normal file sharing and communication.
4. limits the transmission rate.
Sometimes, in order to ensure the stable operation of the FTP server, the speed of uploading and downloading files must be limited. For example, the FTP server and email server are deployed on the same server. In order for these application services to coexist peacefully, the maximum transmission rate needs to be controlled. Because the bandwidth of the same server has the maximum limit. If an application service consumes a large amount of bandwidth, it will have a negative impact on other application services, or even cause other application services to fail to meet the needs of corresponding users. If FTP is used differently, you also need to set the maximum rate limit. For example, if FTP is used for file backup and file upload/download at the same time, the maximum file upload/download speed is required to increase the file backup efficiency and shorten the backup time.
To limit the transmission rate, the system administrator can set the local_max_rate parameter. By default, this parameter is not enabled, that is, there is no maximum rate limit. However, for these reasons, we recommend that you set this parameter before putting the FTP server into production and operation. This prevents other application services from being negatively affected by excessive bandwidth usage during upload/download. The system administrator needs to achieve a balanced and reasonable bandwidth allocation among various application services. At least ensure that each application service can respond to customers' requests normally. In addition, if possible, you need to perform peak-to-peak operations. For example, an email server and an FTP server are deployed on a host. The FTP server is mainly used for file backup. So in order to prevent file backup from adversely affecting mail sending and receiving (because file backup requires a relatively large bandwidth, it will greatly reduce the speed of mail sending and receiving ), it is best to separate file backup from the peak hours of email sending and receiving. For example, if it is usually the peak time for sending and receiving emails at work in the morning, do not use the FTP service for file backup. At noon, there are usually fewer emails to send and receive. In this case, you can use ftp to back up files. Therefore, if you run the FTP server and other application services at different peaks, you can set a higher speed to improve the efficiency of FTP services. Of course, this puts forward high requirements for system administrators. Because the system administrator needs to analyze various applications and then conduct comprehensive planning based on server deployment. Unless there are higher measures and better conditions, the maximum rate of transmission to the FTP server is required. Otherwise, it will have a great negative impact on other information services deployed in the enterprise and cause network congestion.
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
