| Virtual domain account users can allow
anonymous FTP access to visitors wishing to download or upload
files to your web site as if you were running your own FTP server.
You can enable (and disable) ANON FTP access
within Edit Account Information within your
account Control Panel. Just check (or uncheck)
the check box labeled "Anonymous FTP Enabled".
| Anonymous FTP warnings:
FrontPage
Users
Enabling ANON FTP on a FrontPage created site can
expose private site access information within the user's
/_vti_pvt directory. The permissions on the FrontPage
directories are, by default, 755. As with any other
anonymous FTP usage (this is only an issue on AFTP-enabled
accounts), you need to ensure that the public permissions
are tight enough to prevent access to those directories.
chmod-ing the _vti directories to 700 seems to do the
trick - it prevents those directories from being browsed
through anonymous FTP.
Security
Anonymous FTP will grant any and all users the
ability to access your "upload" directory, or
any directory on your domain that has been set for "public"
read/write permissions. Anonymous users will have
access to upload or download files to and from your
domain. You must set the appropriate
permissions for your directories to restrict
anonymous FTP access. This is needed to ensure that
anonymous users will not be able to access any existing
files or directories. You can inhibit access to specific
files and directories in your UNIX web hosting account
using the file manager by disabling public read and/or write access
to the files or folders you don't want people to see (ie.
cgi-local). On NT, anonymous FTP access is only available
in the "anonymous/" directory.
Responsibility
As the account owner, you are responsible for any and all
files that are stored on your domain. This would include
files that were uploaded by you as well as by anonymous
FTP users. With the use of anonymous FTP, your site is
susceptible of becoming a "warez" site.
Typically, these are sites that are used by
"hackers" to trade (upload/download) illegally
pirated copies of software programs with one another. As
the account owner, the complete content of your account is
your responsibility. If your site becomes a trading post
for "warez" programs, you may face legal action
that can be taken against you by the programmers/software
companies of the copyrighted software.
Data Transfer
Any and all FTP download transfers, anonymous FTP
included, will be used in the calculation of the total
data transfer for your account. If this total data
transfer amount exceeds the limit that is set for your
plan, you will be responsibility for any and all
overage charges that occur. Please Note: There
will be NO exceptions made for these overage charges. Once
anonymous FTP has been enabled, it will be your
responsibility to monitor the anonymous FTP activity for
your account. All anonymous FTP activity is stored within
the "xferlog" file. This file
contains entries for each and every anonymous FTP
upload/download session. This file is located within the
/stats directory of your account. There is also a link
provided off the "View your web usage statistics
& logs" page of your account control panel. You
can also have our servers perform certain actions when
your data transfer exceeds a pre-defined limit that you
can specify. In your "Edit Account Information screen
look for the following section:
Disk Space
If you are going to allow people to upload files
to your site, make sure you keep track of your disk space
usage via your Control Panel. Do not allow your disk space
usage to get too close to your maximum disk space
allocation or you may experience problems accessing your
site via FrontPage and/or be unable to upload or modify
files. You may purchase additional disk space if necessary
in 5MB blocks.
|
Once you enable ANON FTP in Account Settings
within your Control Panel, files can be accessed anonymously via a
web browser using the following URL format:
- ftp://ftp.yourdomain.com/<FILENAME>
Anonymous visitors wishing to access your
site via FTP client (e.g. wsftp) must use your domain name as the
FTP hostname, userid of anonymous and password of guest.
Note: If ANON FTP is
disabled and someone attempts to access your site anonymously,
they will actually see RapidSite's anonymous FTP directory
although the page title will read "FTP root at
ftp.yourdomain.com".
How to set a custom
"Anonymous FTP Welcome Message" on our UNIX servers:
When setting up anonymous ftp access to an
account, you can set up a welcome message for people browsing the
site with a web browser. You can easily accomplish this by
following these instructions:
- Create a text file called welcome.msg
(Must be in lower case characters.)
- Place your greeting message into the file
and save the file.
- Upload the welcome.msg file to the root
directory.
(Transfer in ASCII format)
- Now set anonymous FTP active for your
account.
(See this page for instructions)
Please be sure to set directory permissions
for the appropriate directories.
Notes
This will only work when you link to one directory. If
you link to another directory after the initial directory the
message will not be displayed. But it will be displayed if you
come back to the original directory. |
