====== FileZilla FTP Server for Windows ====== The built-in FTP service for Windows is part of the IIS web server and is quite complicated to set up and get working for many applications. We generally use the free FileZilla Server for Windows FTP server requirements. ==== Add a FileZilla FTP User ==== As an administrator, on the FileZilla server: - Create a **FTP home directory** for the new user * Probably a sub-directory of your main FTP top-level share * ex: ''E:\Shares\FTP\jdoe'' - Open the **FileZilla Server Interface** on your server - **Edit -> Users -> Add** - Define account settings - Add the shared folder (FTP home directory) - Set permissions to the shared folder {{:networking:windows:fz_new_user_1_create_home_dir.png?450 |Create FTP User Home Dir}} {{ :networking:windows:fz_new_user_2_open_server_iface.png?300 |FileZilla Server Interface}} {{ :networking:windows:fz_new_user_3_add_user.png?600 |Add a User}} {{ :networking:windows:fz_new_user_4_user_name.png?300 |Name the User}} {{ :networking:windows:fz_new_user_5_user_settings.png?600 |User Settings}} {{ :networking:windows:fz_new_user_6_user_folders.png?600 |User Folders}} {{ :networking:windows:fz_new_user_7_user_select_home_folder.png?300 |Select the Home Dir Created Earlier}} {{ :networking:windows:fz_new_user_8_user_home_perms.png?600 |Home Folder Permissions}} {{ :networking:windows:fz_new_user_9_winscp_connected_ftp.png?750 |Connected!}} ===== FileZilla Server ===== The FileZilla Server supports: * Unencrypted (normal) **FTP** * FTP over TLS (**FTPS**), including * **Explicit** on port 21 * **Implicit** on port 990 However, FileZilla Server does **not** support **SFTP** (SCP/SSH) ==== Server Installation ==== - Create a dedicated ''filezilla'' user account to run the FileZilla server process * Member of the ''Administrators'' group * Password never expires - Download and install the latest FileZilla Server version * https://wiki.filezilla-project.org/FileZilla_FTP_Server - Modify the ''FileZilla Server'' service (Log On tab) to run as the ''filezilla'' user * ''services.msc'' - Configure ''Passive Mode settings'' * Specify a range of ports (5000-5010 used here) - Configure FTPS (TLS) security with a self-signed certificate * ''FTP over TLS settings'' * ''Generate a new certificate'' - Modify the Windows firewall to permit FTP traffic * Add a rule named ''FTP Ports'' * TCP ports 21 and 990 * Also add the Passive Mode port range you define (5000-5010 used here) - In your external firewall, forward all the same ports in to the FileZilla Server {{ :networking:windows:fz_server_2_firewall_rule.png?400|Firewall Rule Details}} {{:networking:windows:fz_server_1_firewall_rule.png?400 |Add a Windows Firewall Rule}} {{ :networking:windows:fz_server_3_passive_mode_settings.png?600 |Passive Mode Settings}} {{ :networking:windows:fz_server_4_ftp_over_tls_settings.png?600 |FTP Over TLS Settings}} ===== Troubleshooting ===== ==== Home directory does not exist ==== Make sure the FileZilla Server process is running under a user with administrative permissions. We add the ''filezilla'' user to the ''Administrators'' group.