Installing, setting up, and starting an FTP server
Due to the variety of issues associated with setting up a working FTP server on an AWS EC2 instance, this topic has been moved to its own article.
Set up port access in the instance security group and install the FTP server
First, ensure that the security group for the given instance allows incoming FTP traffic. This means inbound TCP traffic must be allowed on the port range 20-21 and also on the port range 64000-64321 (for passive mode connections from clients, which is often the kind of connection that UI-based FTP clients will use).
Next, install the FTP server.
yum install vsftpd
At this point, you have the option of setting up anonymous FTP access, or setting up access only for specific user accounts. It may be easier to set up access for anonymous connections temporarily and then disable it if you only need FTP to perform an initial setup (e.g., to install a WordPress instance).
Setting up the FTP server for anonymous FTP access
If anonymous access is desired, it should be enabled in
/etc/vsftpd/vsftpd.conf (the second line will most likely be needed if, for example, you want to allow WordPress to modify its own configuration via FTP while being controlled through its web-based user interface):
The root directory for anonymous connections can be set (if this is being done to upload WordPress themes via FTP, then the directory might be the server's document root directory, such as
Most likely, it will be necessary to enable passive connections:
pasv_enable=YES pasv_min_port=64000 pasv_max_port=64321 port_enable=YES pasv_address=example.com pasv_addr_resolve=YES
In the above,
pasv_address could be an explicit IP address, in which case
pasv_addr_resolve should be set to
Allow anonymous FTP connections to support reading:
Uncomment or add the following to allow anonymous FTP connections to support uploading, writing, and directory creation:
write_enable=YES anon_upload_enable=YES anon_mkdir_write_enable=YES dirmessage_enable=YES
Ensure that files created by the FTP user are owned by another user (for WordPress, this is necessary because otherwise new plugin and theme files will only be readable by the FTP user):
You may want to allow anonymous FTP connections to also support file and directory deletion and overwriting (this is necessary for WordPress self-management via FTP):
Restart the server.
Set the directory permissions appropriately. For example, if
/var/www/html and you want to support WordPress installation and self-management of themes via FTP, then
/var/www/html/wp-content/themes should be writable by the FTP user.
After you are finished using the FTP service to make updates or upload files, it may be a good idea to stop the server completely.
Setting up the FTP server to allow connections only from specific user accounts
You will want to disable anonymous connections in
To be written.