Join the community today
Register Now

Help with FTP setup

Discussion in 'Install & Upgrades or Pre-Install Questions' started by Mask, Jan 16, 2015.

  1. Mask

    Mask Active Member

    108
    31
    28
    Nov 10, 2014
    Ratings:
    +37
    Local Time:
    8:46 PM
    Nginx 1.9.1
    MariaDB 10.0.19
    Hi there,
    Not sure if I am posting it in right forum of not, hope to get some help here.
    I know CentminMod doesn't install any FTP software, I need to give a developer access to WP install folder to make some changes to theme and a custom plugin. (Server running WordPress).

    Considering to install Vsftpd but not sure hot to limit it's access to /home/nginx/domains/domain.com/public/ only. And how to make it work with nginx? (Since all files are currently owned by nginx:nginx)
    So how to make ftpuser upload files that can work without causing any error.
    Any help will be appreciated.

    Thanks

     
  2. eva2000

    eva2000 Administrator Staff Member

    54,106
    12,179
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,738
    Local Time:
    1:46 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    FAQ item 2 at Centmin Mod FAQ - Menu based Nginx installer outlines that Centmin Mod isn't for shared hosting so given current /home/nginx/* structure you can't limit it per domain vhost like you want for per user isolated access right now.

    To limit per domain/user account for isolation, you would need a total rework of Centmin Mod Nginx structure and vhost creation - I did a preview demo of jailed chrooted user Nginx vhost planned for in future at WordPress Auto Installer & SSH, SFTP, SCP chrooted user accounts for Nginx vhost | Centmin Mod Blog and on forums replicated that blog article at Previews - Jailed / chrooted SFTP & SSH user Nginx vhost menu | Centmin Mod Community

    Unfortunately, there's alot of stuff to do for .08 beta for stable release and builds and features beyond before any work can be done on jailed chroot users. Jailed chroot users can't come first as it could break features planned if not tested first. Think of jailed chroot users coming first like buying all your houses furniture, bedding, bathroom fittings and kitchen appliances before you even decide on a new house and of what size house. How do you know everything you purchased will fit the house and space within?

    For now probably easiest and most secure way to give dev access would be to setup a separate VPS on hourly billing i.e. with DigitalOcean and replicate your wordpress site on it so they only have access to that staging test copy VPS only. In fact that's what I'd usually do regardless of whether or not Centmin Mod is used as you really don't want 3rd parties making changes to live production sites without first being tested on a staging/test server anyway
     
  3. Mask

    Mask Active Member

    108
    31
    28
    Nov 10, 2014
    Ratings:
    +37
    Local Time:
    8:46 PM
    Nginx 1.9.1
    MariaDB 10.0.19
    Hi George,
    I understand that (i.e. FAQ part). I only have one site running on this server and till now I have been using my root access to all the changes. But obviously I don't want to give the developer any access other than just WP install.

    I only have one domain on this box, nothing else. So right now, there is just no way to give a user FTP access to one directory (say wp-content) ??? I guess setting up a temp access on DO will work but that seems a lil too much for a short time access for a developer.

    I am anxiously waiting for your new Setup Previews - Jailed / chrooted SFTP & SSH user Nginx vhost menu | Centmin Mod Community
     
  4. eva2000

    eva2000 Administrator Staff Member

    54,106
    12,179
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,738
    Local Time:
    1:46 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Yes no way to do that for out of box Centmin Mod installs, unless you modify the structure and vhost and account setup/vsftp etc yourself. Unfortunately, I can't provide any support or help for that so you would have to know how to do it yourself or if you're lucky other forum members here can share their tips or guides for how they have done such changes.
     
  5. Mask

    Mask Active Member

    108
    31
    28
    Nov 10, 2014
    Ratings:
    +37
    Local Time:
    8:46 PM
    Nginx 1.9.1
    MariaDB 10.0.19
  6. Matt Williams

    Matt Williams WordPress Fanatic

    537
    104
    43
    Nov 22, 2014
    Virginia, USA
    Ratings:
    +157
    Local Time:
    10:46 AM
    latest
    10
    Great news! It only gets better George! Now, onward with testing this out! ( for me )
     
  7. eva2000

    eva2000 Administrator Staff Member

    54,106
    12,179
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,738
    Local Time:
    1:46 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
  8. Matt Williams

    Matt Williams WordPress Fanatic

    537
    104
    43
    Nov 22, 2014
    Virginia, USA
    Ratings:
    +157
    Local Time:
    10:46 AM
    latest
    10
    Will pure-FTP work with the current stable ( 07 ) install?
     
  9. eva2000

    eva2000 Administrator Staff Member

    54,106
    12,179
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,738
    Local Time:
    1:46 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    In theory it should, but only testing on .08 betas right now :)
     
  10. Matt Williams

    Matt Williams WordPress Fanatic

    537
    104
    43
    Nov 22, 2014
    Virginia, USA
    Ratings:
    +157
    Local Time:
    10:46 AM
    latest
    10
    welp, I'm going to test on ..07 stable - will report shortly :=)
     
  11. Mask

    Mask Active Member

    108
    31
    28
    Nov 10, 2014
    Ratings:
    +37
    Local Time:
    8:46 PM
    Nginx 1.9.1
    MariaDB 10.0.19
    It works perfectly. I am using it with v07 stable.
     
  12. Matt Williams

    Matt Williams WordPress Fanatic

    537
    104
    43
    Nov 22, 2014
    Virginia, USA
    Ratings:
    +157
    Local Time:
    10:46 AM
    latest
    10
    I installed it but can't seem to login - says authentication failed everytime
    I know what the username/password is and inputting them correctly
    Can't figure it out yet...
     
  13. eva2000

    eva2000 Administrator Staff Member

    54,106
    12,179
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,738
    Local Time:
    1:46 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    I've updated instructions and info at CentOS 7.x - How to help test .08 CentOS 7 Betas with Github code ? | Page 13 | Centmin Mod Community

    Unlike @Mask original suggested setup, I went beyond that for Centmin Mod's pure-ftpd implementation as it uses FTP over TLS/SSL via self signed certificate, so you need to set FTP mode to explicit TLS/SSL port 21, enable PASV passive connections and uncheck SSL certificate validation - the linked page added a list of FTP clients and how to connect.

    Note passive ports if needed to be set in FTP client are in range between 3000 to 3050 i.e. for Filezilla.
     
    Last edited: Jan 18, 2015