How to make any FTP server instantly secure in 9 easy steps. This is known as a protocol converter, or FTP proxy.

CrushFTP has the ability to proxy to a FTP server. Technically CrushFTP is just treating a FTP server as if it were a local filesystem, everything else works the same. A benefit of this is that your existing FTP server such as IIS FTP, with all of its accounts, configurations, ACLs, etc can be instantly made secure using new protocols like FTPS, SFTP, or HTTPS.

Here is what you do.

1.) Change the port in your current FTP server to be port 2121 instead of port 21.

2.) Download, and run CrushFTP. Create your own admin user for managing the server.

3.) Login to the WebInterface, and click the Admin button, then the User Manager tab.

attachments

4.) Click the upper left button to create a new user, and give it the name 'template'.

attachments

5.) Click the new VFS item button. (New remote item.)

attachments

6.) Change the URL type to be FTP, and fill in the server information like this screenshot.

attachments

7.) Enable these permissions for the brand new 'ftp' virtual item we just created. (Don't do all the checkboxes! The others have different meanings that don't apply here.) We want full read/write/delete permissions as the underlying FTP server will be enforcing permissions and not CrushFTP.

attachments

8.) Click 'Save All Changes'.

9.) Your server is ready! You can go login using a FTPS client on port 21, SFTP client on port 2222, or HTTPS web browser on port 443. See below for how to change the settings. This quick guide only scratched the surface of what CrushFTP can do for you. By setting it up in proxy mode, it can act as a drop in enhancement to any existing server. The 'FTP' traffic to the legacy FTP server is all local on the machine, not out in the clear, and all traffic to CrushFTP is using secure protocols.

10.) Additional configuration and settings:

You may want to change the server ports in CrushFTP. You may also want to force encryption for FTP making the user use FTPS and not FTP. Keep in mind unless the user uses 'CCC' (clear channel connection) mode in their FTPS client, you will need additional port mapping rules on any routers or firewalls. Also note that changing settings does not require a restart of the application. Changes take effect when you click OK.

Add new attachment

Only authorized users are allowed to upload new attachments.

List of attachments

Kind Attachment Name Size Version Date Modified Author Change note
png
menu.png 19.8 kB 2 09-Oct-2016 18:14 Ben Spink
png
new_user.png 14.1 kB 2 09-Oct-2016 18:14 Ben Spink
png
new_vfs.png 27.0 kB 2 09-Oct-2016 18:14 Ben Spink
png
privs.png 24.4 kB 2 09-Oct-2016 18:14 Ben Spink
png
vfs_item.png 26.5 kB 2 09-Oct-2016 18:14 Ben Spink
« This page (revision-13) was last changed on 09-Oct-2016 18:14 by Ben Spink
G’day (anonymous guest)
JSPWiki v2.8.2