You can build an FTP site on a Windows Elastic Compute Service (ECS) instance so that you can transfer files to or from the instance after you connect to the instance. This article describes how to build an FTP site on a Windows ECS instance.
An ECS instance that meets the following requirements is created:
The instance is associated with an auto-assigned public IP address or an elastic IP address (EIP). For more information, see Associate or disassociate an EIP.
The instance runs Windows Server 2008 or later.
Make sure that the IIS and FTP services are installed on the Windows instance on which you want to build an FTP site. If you have not installed the IIS and FTP services on the instance, perform the following steps to install the services.
1. Connect to the Windows instance.
For more information, see Connect to a Windows instance by using a username and password.
2. In the lower-left corner of the Windows desktop, click the icon. Then, find and click Server Manager.
3. In the top navigation bar, choose Manage > Add Roles and Features.
4. In the dialog box that appears, accept the default settings and click Next until you reach the Select server roles step.
5. Select Web Server (IIS). In the dialog box that appears, click Add Features and then click Next.
6. Accept the default settings and click Next until you reach the Select role services step.
7. Select IIS Management Console and FTP Server and click Next.
8. Click Install. After the IIS and FTP server roles are added, click Close.
Create a Windows user to access the FTP site to be built. If you want to access the FTP site as an anonymous user with the anonymous
or ftp
username, skip the steps described in this section.
1. In the lower-left corner of the Windows desktop, click the icon. Then, choose Windows Administrative Tools > Computer Management.
2. In the left-side navigation pane, choose System Tools > Local Users and Groups > Users.
3. In the Actions column in the right part of the window, click More Actions and then click New User.
Configure the following parameters or settings:
ftptest
username is used.Note: The password must contain uppercase letters, lowercase letters, and digits. Keep your password confidential to prevent data security risks caused by password leaks.
4. Click Create and close the New User dialog box.
Create a folder for sharing files with the FTP site and grant the access and modification permissions on the folder. Subsequently, when clients access the FTP site, all files are transferred by using this folder. Perform the following operations:
In this example, all permissions in the Allow column are selected. You can select or clear permissions in the Allow or Deny column based on your business requirements.
1. In the lower-left corner of the Windows desktop, click the icon. Then, find and click Server Manager.
2. In the top navigation bar, choose Tools > Internet Information Services (IIS) Manager.
3. In the left-side navigation pane, choose <Hostname of the Windows instance> > Sites
. Then, in the Actions column in the right part, click Add FTP Site.
4. In the dialog box that appears, configure parameters and click Next.
Configure the following parameters:
ftptest
.5. Configure the IP address and SSL settings and click Next.
Configure the following parameters:
SSL: In this example, No SSL is selected, which indicates that SSL encryption is not required. If you want to secure data transfers and already have an SSL certificate, select Allow SSL or Require SSL.
6. Configure authentication and authorization information and click Finish.
Configure the following parameters:
Authentication: In this example, only Basic is selected. Then, you can use the ftptest
user that you created to access the FTP site. If you do not have security requirements on data transfers, you can select Anonymous so that you can access the FTP site as an anonymous user.
anonymous
or ftp
username to access content.Authorization: In this example, Allow access to is set to Specified users, and ftptest
is entered.
After you preform the preceding steps, you can view the built FTP site in Internet Information Services (IIS) Manager.
7. Configure the firewall of the FTP site.
a) In the Internet Information Services (IIS) Manager window, double-click the FTP site name ftptest
to go to the ftptest Home page.
b) Double-click FTP Firewall Support.
c) In the External IP Address of Firewall field, enter <Public IP address of the Windows instance>
.
d) In the Actions column on the right side, click Apply. In the message that appears, click OK.
After you build the FTP site on the Windows instance, add inbound rules to the security groups of the instance to allow traffic to port 21 and the passive port range of 1024 to 65535 of the FTP server.
Note: Specify the port range based on your needs. We recommend that you use ports with higher numbers. In this example, the port range of 29000 to 30000 is used.
1. In the security groups of the Windows instance, add inbound rules to allow traffic to port 21 and ports in the range of 29000 to 30000.
For information about how to add a security group rule, see Add a security group rule.
Note: For more information about security groups, see Security groups for different use cases and Common ports.
2. (Optional) Configure the firewall of the Windows instance.
By default, the firewall of the Windows instance is disabled. If your firewall is enabled, open TCP port 21 and ports in the range of 29000 to 30000 for the FTP service.
For more information about firewall settings, see Build an FTP Site on IIS?redirectedfrom=MSDN#Step4).
You can use Windows File Explorer, command-line tools, browsers, or third-party FTP connection tools to test the FTP server. In this example, a Windows computer is used as an FTP client and Windows File Explorer is used to access the FTP site.
1. On the Windows computer, open Windows File Explorer and enter ftp://<Public IP address of the FTP site>:21
in the address bar.
In this example, Window 10 is used.
2. In the Log On As dialog box, configure logon credentials and click OK.
In this example, the ftptest
username and its password are used as credentials to log on to the FTP site.
When you use Windows File Explorer to access the FTP site, if Use Passive FTP is not enabled for the IE browser on Windows, you cannot access the FTP site and error codes 200 and 501 are returned. You can perform the following steps to enable Use Passive FTP for the IE browser and then access the FTP site again:
a) On the Windows computer, open the IE browser.
b) In the upper-right corner, click the icon and select Internet Properties.
c) Click the Advanced tab. In the Settings section, select Use Passive FTP (for firewall and DSL modem compatibility).
d) Click Apply and then click OK.
After you access the shared ftp folder that corresponds to the FTP site, you can create a test folder named test.
Then, you can log on to the Windows instance again. If the FTP site is built and can be used for data transfers, you can find the test folder in the ftp folder on Disk C.
If you want to manage files stored in Object Storage Service (OSS) by using FTP, you can install ossftp. For more information, see Overview.
After ossftp receives a regular FTP request, ossftp maps operations on files and folders to operations on OSS objects.
1,029 posts | 252 followers
FollowAlibaba Cloud Community - January 15, 2024
Alibaba Clouder - February 10, 2020
Alibaba Cloud Community - July 3, 2024
Alibaba Clouder - August 11, 2020
Alibaba Clouder - August 14, 2019
Alibaba Clouder - February 10, 2020
1,029 posts | 252 followers
FollowElastic and secure virtual cloud servers to cater all your cloud hosting needs.
Learn MoreAlibaba Cloud Function Compute is a fully-managed event-driven compute service. It allows you to focus on writing and uploading code without the need to manage infrastructure such as servers.
Learn MoreHigh Performance Computing (HPC) and AI technology helps scientific research institutions to perform viral gene sequencing, conduct new drug research and development, and shorten the research and development cycle.
Learn MoreA HPCaaS cloud platform providing an all-in-one high-performance public computing service
Learn MoreMore Posts by Alibaba Cloud Community