net2ftp on multi server setup

Discussion in 'Plugins/Modules/Addons' started by Stelios, Oct 20, 2020.

  1. Stelios

    Stelios Active Member HowtoForge Supporter

    Hi all,
    I've installed successfully net2ftp on my primary server which holds only the control panel.
    When any user is trying to login it gets a message that can't access his directory.
    That is happening as the web servers are many and not on the localhost.
    Under settings.inc.php there isn't an option to define my multiple web/FTP servers.
    Is there a workaround on this?

    Thanks
     
  2. Stelios

    Stelios Active Member HowtoForge Supporter

    This is very bizarre. I've added my ftp servers under the settings_authorizations.inc.php and they are listed fine when I'm trying to login but none of the ftp brings the proper path; if fails and drops you back to root (without listing files/dirs).

    Any help is very much appreciated.
     
  3. nhybgtvfr

    nhybgtvfr Well-Known Member HowtoForge Supporter

    install net2ftp onto each webserver, and then set the webftp url to /webftp (assuming webftp is your alias in /etc/apache2/conf-available/net2ftp.conf)

    then tell users to use their own domain name with the webftp extension, eg clientdomain1.com/webftp, or clientdomain2.co.uk/webftp
     
  4. Stelios

    Stelios Active Member HowtoForge Supporter

    It's not possible to have it installed only on the main/control panel server and everyone access it via its url?
     
  5. nhybgtvfr

    nhybgtvfr Well-Known Member HowtoForge Supporter

    you can configure multiple ftp servers in settings_authorizations.inc.php
    but you probably won't be putting every single domain name in there, just the server FQDN, and then you'll probably get hassled just as much by customers asking what server they should use, or picking the wrong server and then asking why they can't login.

    it's probably less hassle to just install it on each webserver, and tell them they can just add /webftp to the end of their domain url.
    also means you don't lose webftp access on all servers if your master server is offline for any reason.
     
    Jesse Norell likes this.
  6. Stelios

    Stelios Active Member HowtoForge Supporter

    It's not working. I always get a failure in listing the user directory.

    Under my main controlpanel server I can access fine the net2ftp from the /filemanager url I've got in my apache.
    In the settings_authorizations.inc.php I've added my servers but even with setting to ALL still the same problem.

    Do I need to open maybe any ports on firewall apart from 21 for the ftp to work?
     
  7. Stelios

    Stelios Active Member HowtoForge Supporter

    Further to my post, under error_log on the controlpanel server there is:

    Code:
    ftp_chdir(): Can't change directory to /var/www/mydomain1.com/web: No such file or directory in /usr/share/filemanager/includes/browse.inc.php on line 81, referer: https://controlpanel.mydomain.com:8080/filemanager/index.php
    [Tue Oct 20 19:17:51.280903 2020] [php7:warn] [pid 4820] [client 178.147.176.161:52238] PHP Warning:  ftp_chdir(): Can't change directory to var/www/mydomain1.com/web: No such file or directory in /usr/share/filemanager/includes/browse.inc.php on line 87, referer: https://controlpanel.mydomain.com:8080/filemanager/index.php
    it seems that it search on the localhost server (the controlpanel) for the directory instead of the web2.mydomain.com which is the proper one.
     
  8. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    Have you configured passive port range for FTP and opened that range of ports in firewall?
     
    ahrasis likes this.
  9. nhybgtvfr

    nhybgtvfr Well-Known Member HowtoForge Supporter

    if you have local firewalls running on each server, you'll need the relevant ftp ports open on them. 20, 21, and what-ever passive port range you use.
    not sure about that error though, i've only used net2ftp on each webserver to connect to localhost only.
    i've never tried to use it to connect to an ftp service running on another server.
     
  10. Stelios

    Stelios Active Member HowtoForge Supporter

    It doesn't have to do with firewall as the same error happening.

    I've configured the passive port as:
    Code:
    echo "40110 40210" > /etc/pure-ftpd/conf/PassivePortRange
    service pure-ftpd-mysql restart
    I can telnet port 21 etc fine outside of my servers so is not an issue with firewall.
     
  11. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    If you telnet out from your server firewall is not involved. So testing like that does not prove anything about firewall. Even if you test that port 21 is open, it does not show that ports 40110 -- 40210 are open.
     
  12. Stelios

    Stelios Active Member HowtoForge Supporter

    I disabled completely the firewall rules and the same happening.
     
  13. nhybgtvfr

    nhybgtvfr Well-Known Member HowtoForge Supporter

    i believe net2ftp uses active mode by default, with passive mode being a checkbox selection.
    so port 21 for the control channel and port 20 for the data channel in active mode, 40110 - 40210 in passive mode according to your selection.

    i would question more where it's getting this directory from
    'ftp_chdir(): Can't change directory to /var/www/mydomain1.com/web:'
    as my belief is the path it get's from the ispconfig database for the ftp users home folder is '/var/www/clients/client##/web##'


    and i've just tested login in from net2ftp on 1 server to an ftp server running on another server in the same lan.
    use advanced mode, tick the passive mode checkbox, and leave the initial directory empty, or set it to /web to login directly to the website docroot. works perfectly fine, no errors.
    also probably best to leave the ftp server in 'settings_authorizations.inc.php' to just 'all' and tell users to enter the domain name of the site they're trying to access as the host. if they try using the servers FQDN, and you've got that set as the internal (private) ip of that server in your /etc/hosts file then it won't connect.
    maybe edit the loginform.template.php file, hide the ssh and advanced login and see if you can force the basic login to default to passive mode, or to preset the passive mode settings and remove the anoynmous option on the advanced login.
     
  14. Stelios

    Stelios Active Member HowtoForge Supporter

    @nhybgtvfr that worked; clicking the passive mode was the trick.
    Do you know if it is possible somehow to hide all other options and keep that as default (the passive mode)?

    Many thanks for your help.
     
  15. nhybgtvfr

    nhybgtvfr Well-Known Member HowtoForge Supporter

    yep, as i said before, edit loginform.template.php

    i've done that to show only the basic ftp login part. can be done to show only the advanced login part instead.
    as for setting the passive mode by default. dunno for sure, but it should be possible, you'll have to look at the code and work it out.
    by default the file is /<path>/<to>/<net2ftp>/skins/shinra/loginform.template.php
     
    Last edited: Oct 22, 2020
  16. Stelios

    Stelios Active Member HowtoForge Supporter

    Thanks for the update. I just asked if there was a setting that can achieve the above instead of editing files; just to avoid overwriting changes in case of an upgrade.

    Thanks a lot for your help.
     

Share This Page