Ultimate File Manager for ISPConfig

Discussion in 'Feature Requests' started by concept21, Jan 20, 2019.

  1. concept21

    concept21 Active Member HowtoForge Supporter

    ahrasis, budgierless and till like this.
  2. budgierless

    budgierless Member HowtoForge Supporter

    some install notes maybe helpful to get it added to ispconfig relase faster, what steps or custom script have to got to do this?
  3. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    I think the point is that ISPConfig does not need a file manager. Admin can use WinSCP on windows or the usual file managers on Linux can mount FTP or SSH directories, and look like the WinSCP in the first post.
    As for myself, I have used Control Panels with file manager built in. I think they are horrible. I much prefer just using terminal to login to the host.
    Besides, there are file managers that can be used in a terminal window, Midnight Commander and Ranger, for example.
    ahrasis likes this.
  4. budgierless

    budgierless Member HowtoForge Supporter

    Not sure about that as this is posted in this Feature Requests thread!!
  5. till

    till Super Moderator Staff Member ISPConfig Developer

    I guess you can see the post from @concept21 as a joke or as we say in Germany "Wink mit dem Zaunpfahl" for all those that ask again and again which filemanager to use as there is actually a perfect filemanager available which works nicely with ISPConfig out of the box without any additional setup needed and the bonus is, it's also much faster then any web-based file manager and it is capable to upload even sites with multiple gigabytes in size. I use WinSCP daily for my server tests and ISPConfig development and I won't miss it, I even donated them some money last year as WinSCP is one of my most used tools.
    concept21, ahrasis and budgierless like this.
  6. nhybgtvfr

    nhybgtvfr Well-Known Member HowtoForge Supporter

    WinSCP's fine, I tend to just ssh to the server, use the cli :)
    for anyone techie, ftp software, ssh, WinSCP etc are all fine. no problems with that.
    I still think the ispconfig control panel needs a gui file manager in it somewhere though. not for us techies. but for the technophobes, and old people that call up constantly, having forgotten their ftp passwords, or can't work out how to configure FileZilla etc. have no idea what ssh is, and just go completely blank when told they have to unblock specific ports on their computer.
    we've all dealt with them, the ones where you feel like telling them they should put their computer into a box, go back to the shop they bought it from, ask for a refund, and never go near a computer again.
    these are the people that need a built in file manager so they can see, edit, and drag-and-drop files in their web folders area directly from the control panel. because they have neither the time, patience, or competence to do it any other way.
    and it means us techies can get more real work done, because we're not having to deal with 50+ calls everyday from people that don't have a clue how to do the most basic things. :mad:
  7. webguyz

    webguyz Active Member HowtoForge Supporter

    Big deficit for ISPConfig not having a customer file manager especially for those users coming from cPanel. They are often stunned that there is no web based file manager. My vote for a free open source FTP manger is javascript based elfinder . Should be able to get it to work in the GUI without to much hassle.
    Gwyneth Llewelyn and ahrasis like this.
  8. ahrasis

    ahrasis Well-Known Member

    Elfinder seems neat. I will have it a try.

    Edited: I just tested it and wow! It is very easy to install, neat and quite fast. It has a built-in editor and convertor too, which is just smart. I am going to replace my net2ftp to this and see how it goes further.
    Last edited: Jan 26, 2019
    Gwyneth Llewelyn likes this.
  9. concept21

    concept21 Active Member HowtoForge Supporter

    How do you integrate it into ISPConfig 3.1? :rolleyes:
  10. ahrasis

    ahrasis Well-Known Member

    It is very straightforward and you don't have to do anything with ISPConfig, any created ftp account in ISPConfig can already have access to its assigned folders.

    First just follow the instructions to download its zip file, unzip, rename one file as stated its elfinder install wiki. I personally rename elfinder.html to index.html too for easy access.

    Then it is up to you and your ispconfig setup. In my case I am using nginx apps.vhost, so just copy phpmyadmin config in it and change accordingly to elfinder folder and access it via my.server.tld:8081/elfinder/elfinder.html (if you did not renamed to index.html as index.html is already / can be set in your vhost).

    But if yours is multi server setup, create a website for it and install elfinder in it, may be, is a better choice.
  11. nhybgtvfr

    nhybgtvfr Well-Known Member HowtoForge Supporter

    how did you tie it to ftp accounts? it seems to me there is no security on it at all, if anyone stumbles on the elfinder.html file, they can upload/edit anything they want.

    seems to me that the only security is either install it centrally and alias it in /etc/apache2/conf-enabled for everyone to access using theirowndomainname/elfinderalias, can password protect the folder, but then everyone uses the same username/password, which is effectively no security, or the .htpasswd file gets very unwieldy to maintain.

    or it's installed in a subfolder on every site, which is again, going to be a pain in the arse to maintain / avoid customer fuck-ups.
  12. ahrasis

    ahrasis Well-Known Member

    What have been properly setup via ISPConfig are already secured and safe, thus, even by allowing anybody accessing the elfinder website, like any other file manager software or website, nobody can access any account created via ISPConfig without its credentials.

    My advice is, unless you have tested your proper ISPConfig server with it fully and have evidence to support your claims, I really hope you don't make any unfounded / unnecessary accusations in the future.
  13. nhybgtvfr

    nhybgtvfr Well-Known Member HowtoForge Supporter

    i'm not making unfounded/unnecessary accusations. i'm just asking questions about security because looking at the instructions you linked to, and what you've written yourself, I can't see where there is any. i'm just trying to get more clarity, and explain where I do see some security and why what I can see isn't ideal.

    according to you, I can type in my.server.tld:8081/elfinder/elfinder.html and access files, well, If I can just type the url into a browser and access files, without being asked for a username/password, then that is insecure, anybody could type that in.
    now I may be missing something obvious here, it wouldn't be the first time.

    also i'm not using nginx, i'm using apache, so when you say
    for apache, that would be add the contents of /etc/apache2/conf-enabled/phpMyAdmin.conf into /etc/apache2/sites-enabled/apps.vhost and adjust paths/names accordingly?
  14. ahrasis

    ahrasis Well-Known Member

    I think either you don't understand ISPConfig server setup or we are talking in "different languages" here as nobody can access a properly setup ISPConfig server, files or folders, through desktop softwares or any websites on that server without permission and access credentials.

    In any event, normally somebody will pass by, read this and hopefully in understanding whatever that you need, he or she can help you.
  15. nhybgtvfr

    nhybgtvfr Well-Known Member HowtoForge Supporter

    that's the point, you're not talking about the ispconfig panel, you state: access it via my.server.tld:8081/elfinder/elfinder.html
    that is a url. anyone, anywhere can type a url into any browser on any computer. if that url opens up the file manager on your server, then that file manager has access to files/folders.
    I can open up phpMyAdmin, but I get a login page, I can't access an actual database UNTIL I've given the correct credentials.
    same with ispconfig, it asks for login details. any ftp access, asks for login details.
    where in elfinder is this request for credentials?
  16. nhybgtvfr

    nhybgtvfr Well-Known Member HowtoForge Supporter

    ok, I may have worked it out.
    If I think I've got you right, my.server.tld:8081/elfinder/elfinder.html is what you're setting for the webftp url in the control panel, and the link is only available to users when logged into the panel, clicking on the webftp button on the ftp-accounts page?

    in which case your initial comment about not having to do anything in ispconfig threw me off, as I thought that included not having to set the webftp url
  17. Stelios

    Stelios Active Member HowtoForge Supporter

    @nhybgtvfr did you manage to make it work?
    I've tried the above but once I access it via the user/webftp there is a blank page.
    In logs it throws:
    Refused to load the script 'https://cdnjs.cloudflare.com/ajax/libs/require.js/2.3.6/require.min.js' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback.
    (index):13 Uncaught ReferenceError: define is not defined
        at (index):13
  18. nhybgtvfr

    nhybgtvfr Well-Known Member HowtoForge Supporter

    i don't remember now, certainly don't remember seeing any problems like that.
    i preferred net2ftp and stopped playing around with elfinder.
  19. I think the folder needs to go in /usr/local/ispconfig/interface/web
  20. ahrasis

    ahrasis Well-Known Member

    Elfinder works fine and is still working fine on my server. And no, we use the same folder PMA and RC (/usr/share/..) and we never install apps softwares in ISPConfig web folder.
    CyberMaster likes this.

Share This Page