安装FTP服务器
> apt-get install vsftpd启用local_enable和write_enable为YES
>和/etc/vsftpd.conf中的匿名用户重启 – 服务vsftpd
> restart – 允许进行更改
在WP Admin中添加用于FTP访问的wordpress用户
为用户创建一个假shell,将“usr / sbin / nologin”添加到/ etc / shells文件的底部
> useradd username -d / var / www / -s /usr/sbin / nologin
> passwd用户名
将这些行添加到/etc/vsftpd.conf的底部
– userlist_file = / etc / vsftpd.userlist
– userlist_enable = YES
– userlist_deny = NO
将用户名添加到/etc/vsftpd.userlist顶部的列表中
> restart vsftpd“service vsftpd restart”
>确保防火墙对于ftp“ufw allow ftp”允许打开
>修改用户名“chown -R”的/ var / www目录
在/ var / WWW
我也经历了this post上列出的所有事情并且没有运气.我的联系被拒绝了.
抱歉上面的文本格式不佳.我想你应该已经明白了.这是我们一遍又一遍地做的事情,由于某种原因,它不是在这里合作.
安装程序是Ubuntu 12.04LTS和VSFTPD v2.3.5
解决方法
Chain INPUT (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere REJECT all -- anywhere 127.0.0.0/8 reject-with icmp-port-unreachable ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT tcp -- anywhere anywhere tcp dpt:http ACCEPT tcp -- anywhere anywhere tcp dpt:http-alt ACCEPT tcp -- anywhere anywhere tcp dpt:https ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh ACCEPT icmp -- anywhere anywhere icmp echo-request LOG all -- anywhere anywhere limit: avg 5/min burst 5 LOG level debug prefix "iptables denied: " REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
这里^
ufw-before-logging-input all -- anywhere anywhere ufw-before-input all -- anywhere anywhere ufw-after-input all -- anywhere anywhere ufw-after-logging-input all -- anywhere anywhere ufw-reject-input all -- anywhere anywhere ufw-track-input all -- anywhere anywhere ACCEPT tcp -- anywhere anywhere tcp spt:ftp state ESTABLISHED ACCEPT tcp -- anywhere anywhere tcp spt:ftp-data state RELATED,ESTABLISHED ACCEPT tcp -- anywhere anywhere tcp spts:1024:65535 dpts:1024:65535 state ESTABLISHED
我用REJECT突出显示的行拒绝所有入站连接.您放在底部的规则允许ftp& ftp-data从不开火.也不是ufw规则.
我不是一个ubuntu人,我没有方便查看的盒子,但很可能你的初始化脚本处理你的防火墙是硬编码前几个规则,然后你添加配置的地方发生在以后的引导顺序.
