Creating an FTP account / FTP Access for easy engine websites


#1

Hello,
I have successfully setup the easy engine on my Debian 7 instance.
I have created a wordpress website example.com
I do know that this website will be located in /var/www/example.com
What if I want an FTP account to access to this particular folder only?


#2

EasyEngine uses www-data user which can be used for SFTP access to all sites. Just run command passwd www-data on server to set password for this user.

If you want to grant access to only single site you need to use something like ProFTPD. Please google for more info on ProFTPD as we haven't covered it here till now.


#3

Hello, Thanks for the tip.

I have successfully installed proftpd using sudo apt-get install proftpd I have created a website example.com I added an ftp user called example using the following command sudo useradd example -d /var/www/example.com -s /bin/false passwd example Since the owner was www-data and group was www-data I performed a chown in this way chown example:www-data /var/www/example.com/htdocs/ -R Also added the user example to the www-data group in this way usermod -a -G www-data example

I can now successfully upload files using any FTP client eg:FileZilla

However, I cant add media from my wordpress dashboard. I am getting the following error.

“test.jpg” has failed to upload due to an error The uploaded file could not be moved to wp-content/uploads/2014/04.

Im not sure if this is a permissions issue. Here s the output of ls -la for /var/www/example.com/ drwxr-xr-x 4 example www-data 4096 Mar 28 14:20 . drwxr-xr-x 6 root root 4096 Apr 1 02:26 .. drwxr-xr-x 6 example www-data 4096 Apr 3 06:09 htdocs drwxr-xr-x 2 example www-data 4096 Mar 28 14:20 logs -rw-r--r-- 1 example www-data 3376 Mar 28 14:20 wp-config.php

for /var/www/example.com/htdocs/

drwxr-xr-x 6 example www-data 4096 Apr 3 06:09 . drwxr-xr-x 4 example www-data 4096 Mar 28 14:20 .. -rw-r--r-- 1 example www-data 236 Mar 28 14:58 .htaccess -rw-r--r-- 1 example www-data 418 Sep 24 2013 index.php -rw-r--r-- 1 example www-data 19929 Jan 18 2013 license.txt -rw-r--r-- 1 example www-data 7185 Jan 13 13:16 readme.html -rw-r--r-- 1 example www-data 4892 Oct 4 10:12 wp-activate.php drwxr-xr-x 9 example www-data 4096 Jan 23 15:17 wp-admin -rw-r--r-- 1 example www-data 271 Jan 8 2012 wp-blog-header.php -rw-r--r-- 1 example www-data 4795 Sep 5 2013 wp-comments-post.php -rw-r--r-- 1 example www-data 3087 Oct 24 18:58 wp-config-sample.php drwxr-xr-x 6 example www-data 4096 Mar 31 20:09 wp-content -rw-r--r-- 1 example www-data 2932 Sep 24 2013 wp-cron.php drwxr-xr-x 12 example www-data 4096 Jan 23 15:17 wp-includes -rw-r--r-- 1 example www-data 2380 Oct 24 18:58 wp-links-opml.php -rw-r--r-- 1 example www-data 2359 Oct 24 18:58 wp-load.php -rw-r--r-- 1 example www-data 31909 Dec 3 15:12 wp-login.php -rw-r--r-- 1 example www-data 8235 Nov 13 06:58 wp-mail.php -rw-r--r-- 1 example www-data 10880 Nov 4 19:24 wp-settings.php -rw-r--r-- 1 example www-data 25665 Nov 12 22:23 wp-signup.php drwxr-xr-x 3 example www-data 4096 Apr 3 06:09 wp-snapshots -rw-r--r-- 1 example www-data 4026 Oct 24 18:58 wp-trackback.php -rw-r--r-- 1 example www-data 3015 Oct 24 22:29 xmlrpc.php

for /var/www/example.com/htdocs/wp-content

drwxr-xr-x 6 example www-data 4096 Mar 31 20:09 . drwxr-xr-x 6 example www-data 4096 Apr 3 06:09 .. -rw-r--r-- 1 example www-data 28 Jan 8 2012 index.php drwxr-xr-x 5 example www-data 4096 Apr 3 06:09 plugins drwxr-xr-x 4 example www-data 4096 Mar 28 15:04 themes drwxr-xr-x 2 example www-data 4096 Apr 3 06:09 upgrade drwxr-xr-x 5 example www-data 4096 Mar 31 20:09 uploads

for /var/www/example.com/htdocs/wp-content/uploads

drwxr-xr-x 5 example www-data 4096 Mar 31 20:09 . drwxr-xr-x 6 example www-data 4096 Mar 31 20:09 .. drwxr-xr-x 4 example www-data 4096 Mar 31 18:05 2014 drwxrwxrwx 2 example www-data 4096 Mar 31 20:09 js_composer drwxr-xr-x 2 example www-data 4096 Mar 28 14:20 nginx-helper

Sorry to send this long list. I want you to please go thru the permissions and tell me if they are correct.

What wrong am I doing here? Please guide me If im wrong.

Thanks and Warm Regards,

Yavisht


#4

File upload is handled by php5-fpm which is running as www-data user you need to play with group permission to make everythings works

BTW ftp is not secured is there any reason to not used SFTP?


#5

Hey Rahul/Mitesh

Some more details on using SFTP with www-data or setting up ProFTPD would be great for novice users like me… who have just recently started moving from shared hosting to easy engine…

this will be of great help.

Thanks
Alex


#6

Please follow this steps to configure sftp: https://rtcamp.com/easyengine/docs/setup-sftp/


#7

I had tried a jugaad method of using root instead of www-data and logged into the ftp site.


#8

@Alexander
If you login as a root and create any file then that file is owned by root user
So the web-server/php unable to modify/edit those files


#9

oh ok, thanks letting me know that bit…

Would like to mention that someone like me wouldn’t have ever moved from the confines for shared hosting had not been for easy engine… Thanks!!


#10

@Mitesh
I tried the link mentioned by you - https://rtcamp.com/easyengine/docs/setup-sftp/
now when I do vim /etc/passwd it doesn’t really let me edit anything.

by default it is www-data:x:33:33:www-data:/var/www:/bin/sh and not www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin


#11

@Alexander Gounder
Have you tried editing /etc/passwd with sudo ?
sudo vim /etc/passwd


#12

I don’t get this either.

I tried using ‘$ sudo passwd www-data’ to change the www-data password, but I still get rejected when trying to use Filezilla to log in using www-data and the new password.

The error is

“Error: Received unexpected end-of-file from SFTP server Error: Could not connect to server”

Why wouldn’t EE install and set up SFTP by default. SFTP is the only way to do some things - like migrate from another server.


#13

Would like to know this as well. I am unable to connect using the www-data account even after updating the password.


Ownership issue after uploading files
#14

I didn’t like the solution offered there of using the www-data user account to log in. I agree with previous posters, you should only use sftp and I never install a ftp server as a security best practice. FileZilla works with sftp just the same as ftp.

Ubuntu specific commands below. Via ssh logged in as root I create a new user for that specific site (replace domain name with your site’s domain name to match, and change username to match the user you’d like to setup):

adduser --home /var/www/domainname/ --ingroup www-data username 

If the user needs to access root items (via ssh) you can run this command: (I mostly skip this step for clients)

visudo

Then find the line below root, and add the username in the same format.

username ALL=(ALL:ALL) ALL

Otherwise, just set the password during setup for this new user or with the command below .

passwd username

All that is left is to add the group permissions to /var/www/domainname folders.

chmod -R g+rw /var/www/domainname

#15

Just did a small tutorial on this matter, hope someone will test it out, and confirm my method is working.

This is based on VSFTPD, MySQL, PAM :slight_smile:


#16

Not sure how many this will help, but if you installed Easy Engine on a Google Developer Console - Compute Engine, VM Instance, you may run into maddening frustrations, trying to set up and use sFTP.

Suggestion: Use the LAMP - Transfer Files documentation, provided by Google (https://cloud.google.com/compute/docs/tutorials/lamp/transfer-files).

gcloud compute copy-files ~/LOCAL/DIRECTORY root@<YOUR-INSTANCE>:/var/www/YOUR-WEBSITE/htdocs --zone <YOUR-ZONE>

…Of course, this method assumes you’ve already followed the procedures to set up SSH access.

It even supports “All Files” using:

gcloud compute copy-files ~/LOCAL-DIRECTORY-PATH/* root@<YOUR-INSTANCE>:/var/www/YOUR-WEBSITE/htdocs --zone <YOUR-ZONE>

Note the asterisk!

While, these methods do work very well, they depend on the Google Developer Console account owner (or authorized users) having previously established SSH access. An efficient and secure process to provide sFTP access to a client, is yet to be discovered.


#17

Hi @yavisht

It’s been a long time, and we haven’t heard from you. It looks like your issue is resolved.

I am closing this support topic for now. Feel free to create a new support topic if you have any queries further. :slight_smile:


#18