drh.net - Hosting Technical Support

		DRH Internet Inc. Website hosting technical support library

What is Anonymous FTP?

Anonymous FTP is a way to make files available for download. Each DRH domain comes with an anonymous FTP server already set up. Any files you place in the anonymous FTP directory will be available for public download, but no one will be able to upload, edit, or delete files on your site.

Anonymous FTP is the same protocol as the standard FTP that is used for uploading files to your web site, except that with anonymous FTP there is no password authentication or uploading.

Anonymous FTP used to be preferred over web (HTTP) for file distribution. It is still widely used on the internet, but some of the advantages it once held over HTTP for file distribution have been equalized. You can probably get along fine distributing your files over HTTP, but anonymous FTP is, well, a bit cooler sometimes.

Accessing your anonymous FTP server

Your anonymous FTP site can be accessed by your web browser at ftp://www.yourdomain.com/ (or ftp://ftp.yourdomain.com/ or ftp://yourdomain.com/ -- the prefix does not matter). The important part of these names to note is the ftp:// protocol identifier which lets your browser know to connect using anonymous FTP, not a web (HTTP) connection.

Your anonymous FTP area can also be accessed by internet users through an FTP client (such as cuteFTP in windows or a command-line tool in UNIX or Dos). The user should enter a username of 'anonymous' and a password of their e-mail address.

Managing your Anonymous FTP area

Your anonymous FTP files are located in the directory named "anonymousftp" inside your home directory. If this directory does not already exist, create this directory to enable anonymous FTP.

Simply upload files into the anonymousftp directory as you would normally and they will be accessible through anonymous FTP.

To display a message whenever a user loggs in, create the file anonymousftp/welcome.msg. To display a message whenever a user changes to a new directory, place a file named .message inside that directory.

It is possible to enable anonymous FTP users to upload files by creating an anonymousftp/incoming directory and giving it permissions 777. Files uploaded by users will be owned by the UNIX user nobody and the group nobody. Since your UNIX user account will own the directory these files are in, you may delete them. But to modify an uploaded file, you may have to copy it to a new filename. (Read more about UNIX permissions and file ownerships.)

Anonymous FTP users are not allowed to download files from the anonymousftp/incoming directory. This prevents unfriendly users from using your anonymous FTP space as their own personal file storage area.

You may note that since the anonymousftp directory is inside your home directory the same files may be accessed through FTP or HTTP by the URLs http://www.yourname.com/anonymousftp/file.txt or ftp://www.yourdomain.com/file.txt. However, files in the anonymousftp/incoming directory may not be accessed through HTTP. This is done to prevent Cross Site Scripting security holes. (Read more about Cross Site Scripting from Apache and CERT websites.)

Logging

Everything that occurs on your Anonymous FTP server is recorded in the file logs/anonftp.log inside of your home directory. At the end of the day this file is appended to the logs/anonftp.log2 file. At the end of the month the logs/anonftp.log2 file is compressed and added to the logs/anonftp.log2.gz file.