Understanding FTP 7 Configuration Files
All
configuration settings for FTP 7 sites are stored in the XML-based
.config files. You can view and edit these settings, using a text
editor. Server-level settings for both Web sites and FTP sites are
stored within the ApplicationHost.config file.
Creating Virtual Directories
You
can easily organize content through physical folders within an FTP
site. For example, you can create a folder hierarchy for different
types of applications and data. In some cases, however, you will want
to provide access to content that is not located within the FTP root
folder. To do this, you can create virtual directories. Virtual
directories are pointers to folder locations and can be nested within
other virtual directories or physical folders. Assuming that users have
the appropriate permissions, they will see the virtual directory as if
it were a physical folder. All upload and download operations, however,
will be directed to the physical folder. Virtual directories are useful
when you want some content to be shared between multiple physical sites
or when you do not want to move or copy the data to the FTP root folder.
To
create a new virtual directory, right-click the parent object in the
left pane of IIS Manager and select Add Virtual Directory. This will
launch the Add Virtual Directory dialog box. (See Figure 17.)
Site Name and Path information shows you details about the location in
which the new virtual directory will be created. Alias is the name of
the folder as users of the site will see it. The Physical Path setting
specifies the full physical location of the content that you want to
make available.
By
default, virtual directories will use Pass-Through Authentication for
determining whether users have permissions to access the content. This
means that the user account used during logon must have permissions on
the content folder. You can change this behavior by clicking Connect As
and selecting the Specific User option. You will then be able to
provide a username and password for a specific account. When the
Specific User account option is enabled, all requests for information
stored in the physical path you specify will be performed using that
user’s security context.
Configuring Advanced FTP Site Properties
In
addition to the standard properties available in Features View of IIS
Manager, you can also configure Advanced Settings options. To access
these settings, click Advanced Settings in the Actions pane. Figure 18 shows the available options and their default values.
The
Behavior section includes options for fine-tuning the settings of the
FTP site. The Connections section enables you to control data channel
timeouts (in seconds) as well as a maximum number of connections. These
settings can be helpful for managing performance on busy Web and FTP
servers. The File Handling section provides options for dealing with
partial uploads and allowing a session to perform actions while
uploading data.
Managing FTP Site Bindings
FTP
7 provides a simplified method for Web site administrators to manage
their content by using FTP. In previous versions of FTP, administrators
were required to configure a new site or virtual
directories manually for accessing Web site content. You can now add a
new FTP site binding to a Web site to provide access automatically to
FTP clients. This is useful when you want to allow remote
administrators and Web developers to access or modify the contents of
specific Web sites.
To
add a new FTP binding, select a Web site in IIS Manager, and then click
Bindings. Click the Add button to create a new site binding. (See Figure 19.)
In
the Add Site Binding dialog box, you will be able to change the Type
setting to FTP. You can then enter IP address, port, and host name
information for determining how users will be able to access the FTP
site. After you have added an FTP binding, you will see a grouping for
FTP-related commands in Features View of IIS Manager. You can use these
features to modify the settings of the FTP site binding in the same way
as you would for a standalone Web site. You will also see a new Manage
FTP Site section in the Actions pane. An FTP site that is part of a Web
site can be started, stopped, and restarted independently of the Web
site.
Important: FTP port numbers and security
Changing
the port from the default setting of port 21 can add a little extra
security to an FTP server configuration. Casual intruders will often
attempt to connect to this port to find unprotected FTP servers. In
general, however, the idea of “security through obscurity” is not the
best solution. Simply making an FTP server harder to find will not
address the most important security issues. Always remember to use
other security features such as firewall settings, authentication
settings, and authorization rules in conjunction with site bindings.