##############################################################################

1. close the firewall service

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#systemctl stop firewalld.service                     //stop the firewall service

#systemctl disable firewalld.service                 //disable it to luanch when the system starts up

##############################################################################

2. install iptables

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#yum install iptables iptables-services                        //install iptables

#vim /etc/sysconfig/iptables                      //edit iptables' configuration file

# Firewall configuration written by system-config-firewall

# Manual customization of this file is not recommended.

*filter

:INPUT ACCEPT [0:0]

:FORWARD ACCEPT [0:0]

:OUTPUT ACCEPT [0:0]

-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

-A INPUT -p icmp -j ACCEPT

-A INPUT -i lo -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp --dport 10060:10090 -j ACCEPT

-A INPUT -j REJECT --reject-with icmp-host-prohibited

-A FORWARD -j REJECT --reject-with icmp-host-prohibited

COMMIT

Type  <-  :wq! -> to save it and leave it out.

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#systemctl restart iptables.service                   //restart the firewall for taking effect

#systemctl enable iptables.service                   //configure the iptables service automatically reboot when the system starts up

Notice that:   21 port is the FTP server's port, however, the ports which are needed on the passive mode of the vsftpd  are from 10060 port to 10090 port , these ports you can define by yourself, it is up to you.

##############################################################################

3. Close  SELINUX

vim /etc/selinux/config

#SELINUX=enforcing 

#SELINUXTYPE=targeted 

SELINUX=disabled

:wq! to save and leave it out.

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#setenforce 0                       //Enable configuration to take effect immediately

##############################################################################

4. Install vsftpd

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#yum install -y vsftpd     //install vsftpd

#yum install -y psmisc net-tools systemd-devel libdb-devel perl-DBI

# systemctl start vsftpd.service

#systemctl enable vsftpd.service

##############################################################################

5. Configure vsftpd server's configuation file

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.backup

anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
anon_upload_enable=NO

anon_mkdir_write_enable=YES

dirmessage_enable=YES

xferlog_enable=YES

connect_from_port_20=YES

chown_uploads=YES

#xferlog_file=/var/log/xferlog

xferlog_std_format=YES

idle_session_timeout=300

data_connection_timeout=1

#nopriv_user=ftpsecure

async_abor_enable=YES

ascii_upload_enable=YES

ascii_download_enable=YES

ftpd_banner=Welcome to blah FTP service.

#deny_email_enable=YES

#banned_email_file=/etc/vsftpd/banned_emails

chroot_local_user=YES

#chroot_list_enable=YES

#chroot_list_file=/etc/vsftpd/chroot_list

#ls_recurse_enable=YES

listen=NO

listen_ipv6=YES

pam_service_name=vsftpd

userlist_enable=YES

tcp_wrappers=YES

use_localtime=YES

listen_port=21

guest_enable=YES

guest_username=vsftpd

user_config_dir=/etc/vsftpd/vconf

virtual_use_local_privs=YES

pasv_min_port=10060

pasv_max_port=10090

accept_timeout=5

connect_timeout=1

allow_writeable_chroot=YES

##############################################################################

6. create a virtual user list file

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#touch /etc/vsftpd/virtusers

#vim /etc/vsftpd/virtusers

web1

123456

web2

123456

web3

123456

:wq! to save and leave it out.

##############################################################################

7. generate a virtual user data file

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#db_load -T -t hash -f /etc/vsftpd/virtusers /etc/vsftpd/virtusers.db

#chmod 600 /etc/vsftpd/virtusers.db

##############################################################################

8. Edit /etc/pam.d/vsftpd file and add some information as below

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#cp /etc/pam.d/vsftpd /etc/pam.d/vsftpd.backup

#vim /etc/pam.d/vsftpd

auth sufficient /lib64/security/pam_userdb.so db=/etc/vsftpd/virtusers

account sufficient /lib64/security/pam_userdb.so db=/etc/vsftpd/virtusers

Note that:   if your system is 32bit system, you can modify lib64 into lib, or you will fail to configure it correct.

##############################################################################

9. Create a system user vsftpd, its home directory is /home/wwwroot, set user login console as /bin/false (in order to disable its login function)

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#useradd vsftpd -m -d /home/wwwroot -s /bin/false

##############################################################################

10.  Create the configuration file for the virtual user vsftpd

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#mkdir /etc/vsftpd/vconf

#cd /etc/vsftpd/vconf

#touch web1 web2 web3

#mkdir -p /home/wwwroot/web1/http/

#mkdir -p /home/wwwroot/web2/http/

#mkdir -p /home/wwwroot/web3/http/

#vim web1

local_root=/home/wwwroot/web1/http/

write_enable=YES

anon_world_readable_only=NO

anon_upload_enable=YES

anon_mkdir_write_enable=YES

anon_other_write_enable=YES

#vim web2

local_root=/home/wwwroot/web2/http/

write_enable=YES

anon_world_readable_only=NO

anon_upload_enable=YES

anon_mkdir_write_enable=YES

anon_other_write_enable=YES

#vim web3

local_root=/home/wwwroot/web3/http/

write_enable=YES

anon_world_readable_only=NO

anon_upload_enable=YES

anon_mkdir_write_enable=YES

anon_other_write_enable=YES

##############################################################################

11. Restart vsftpd server

=====THE COMMAND YOU CAN TYPE INTO YOUR CONSOLE======

#systemctl restart vsftpd.service

          ##############################################################################

  

                                Thank you for your reading!

                 That's all, at the same time, it's my pleasure to share something I know, hope it will be helpful for you.

  

          ##############################################################################

Setup and Configure the vsftpd server in CentOS 7 operation system的更多相关文章

  1. Setup VSFTPD Server with Virtual Users On CentOS, RHEL, Scientific Linux 6.5/6.4/6.3

    We have already shown you How to Setup VSFTPD Server on CentOS 6.5/6.4 in our previous article. In t ...

  2. Setup FTP Server On CentOS, RHEL, Scientific Linux 6.5/6.4/6.3

    setsebool allow_ftpd_full_access onsetsebool -P ftp_home_dir on vsftpd (Very Secure File Transport P ...

  3. setup FTP server on CentOS 7

    Setup FTP Server on CentOS 7 Install vsftpd vsftpd (Very Secure File Transport Protocol Daemon) is a ...

  4. Setup Git Server in CentOS 6.3

    0. Environment: Server machine: CentOS 6.3 x86 Client machine: Windows 10 Pro x86_64 1. Install ssh ...

  5. Installing MySQL Server on CentOS

    MySQL is an open-source relational database. For those unfamiliar with these terms, a database is wh ...

  6. How to: Set up Openswan L2TP VPN Server on CentOS 6

    Have you ever wanted to set up your own VPN server? By following the steps below, you can set up you ...

  7. Install RabbitMQ server in CentOS 7

    About RabbitMQ RabbitMQ is an open source message broker software, also sometimes known as message-o ...

  8. Tigase XMPP Server在CentOS部署和配置

    Tigase XMPP Server在CentOS部署与配置 作者:chszs,转载需注明.博客主页:http://blog.csdn.net/chszs 以下讲述Tigase XMPP Server ...

  9. You must configure either the server or JDBC driver (via the serverTimezone configuration property

    使用JDBC连接MySql时出现:The server time zone value '�й���׼ʱ��' is unrecognized or represents more than one ...

随机推荐

  1. Activiti常见问题解决

    1,工作流activiti eclipse 插件不自动生成png window ——> preferences——>activiti——>save——>选中create pro ...

  2. FastDFS安装步骤

    FastDFS是用c语言编写的一款开源的分布式文件系统,充分考虑了冗余备份.负载均衡.线性扩容等机制,并注重高可用.高性能等指标,使用FastDFS很容易搭建一套高性能的文件服务器集群提供文件上传.下 ...

  3. Bootstrap——一款超好用的前端框架

       前  言 Bootstrap Bootstrap 是基于 HTML.CSS.JAVASCRIPT 的,用于开发响应式布局.移动设备优先的 WEB 项目.Bootstrap在JQuery的基础上进 ...

  4. MMORPG战斗系统随笔(一)

    前言 很久没有更新博客,中间迁移过一次博客,后来一直忙于项目的开发,忙的晚上回去没时间写博客,周日又要自我调整一下,所以空闲了很久没有继续写博客.最近终于慢慢放慢节奏,项目也快上线了,可以有空写一些个 ...

  5. 寻找bug并消灭系列——记录在Android开发所遇到的bug(一)

    之前使用了Android Studio的插件直接为button绑定了监听器,并实现onClick方法(我的onClick方法无论点击哪一个都是要实现setcontentview这个方法设置layout ...

  6. hdu4705 Y 2013 Multi-University Training Contest 10

    Y Time Limit: 2000/1000 MS (Java/Others)    Memory Limit: 131072/131072 K (Java/Others) Total Submis ...

  7. Python in/not in --- if not/if + for...[if]...构建List+ python的else子句

    区分几个容易出错的地方: in 成员运算符 - 如果字符串中包含给定的字符返回 True >>>"H" in a True not in 成员运算符 - 如果字符 ...

  8. .net窗体程序的基础知识及详细笔记

    第一章:初识Windows程序 1.1:第一个wondows程序 1.1.1:认识windows程序 Form1.cs:窗体文件:程序对窗体编写的代码一般都存放在这个文件(还有拖动控件时的操作和布局, ...

  9. C语言判断电脑的大、小端机

    #include int main() { int x = 0x1234; if (char(x) == 0x34)  {   printf("小端机!\n");  }  else ...

  10. ASP.NET没有魔法——ASP.NET MVC 与数据库之Entity Framework Migrations

    在开发数据库应用程序的时候,经常会遇到某些表需要添加字段或者修改类型.新增表等需求,而对于EF Code First来说关注的只有实体类,当需求变更时只需要添加新的实体类或者在实体类中添加.删除.修改 ...