User FTP access problem

Discussion in 'Installation/Configuration' started by koheleth, Oct 16, 2019.

  1. koheleth

    koheleth Member

    Hi, Wordpress permissions error as I uploaded files and installed as root and could not install delete etc various needed functions from within WP as user admin ftp, it demands ftp access info, I give it and wait for ever and nothing happens. searched forums, seen the obvious problem so need to upload and install as site user with permissions for installing, plugins themes etc.

    Now my last panel had a feature to fix permissions with a click for the domain owner. That's another thing.

    The created ftp user for the domain can with winscp logon perfectly with SFTP but cannot upload, delete etc etc. It just says permissions denied.

    With FTP I just get this at every login.

    Timeout detected. (data connection)
    Could not retrieve directory listing
    Error listing directory '/'.
    I searched the forums and cannot seem to find an asnwer.
    Thought maybe the 'configure the passive port range' post was the answer but alas no.

    Anychance of some help to sort this.

    Site is up with root as boss but would like the WP admin to be in control for easy installs, deletions from WP admin panel etc.


    Thanks for the new version upgrade, all seemed to go tickety boo.
  2. koheleth

    koheleth Member

    When you create a FTP user what is the hostname for the client software, IP, domain, domain with or without www of ftp. or : tried all.

    I noticed with the basic username and pwd it knows the root path to the site.
  3. Jesse Norell

    Jesse Norell ISPConfig Developer Staff Member ISPConfig Developer

    If you uploaded the wordpress files as root, you will need to login as root again to be able to change ownership to the website user.

    Interesting idea, you could add that to the issue tracker as a feature request.
    koheleth likes this.
  4. koheleth

    koheleth Member

    Obviously with root I can do anything.
    If I knew how do everything.

    Just trying to work out why a ftp user setup does not seem to work. Pretty basic.
    Screen shot of the other panel btw.

    Annotation 2019-10-16 195714.jpg
  5. koheleth

    koheleth Member

    Without complicating things, created a ftp user for a site, no access via ftp. What am I doing wrong? Error above.

    Tried everything.
  6. Steini86

    Steini86 Active Member

    Try reading the documentation. Then try giving the right file permissions. (needs to be done as root, because a user can not change permissions of files that are write only by root)
    - FTP works
    - login works
    - permissions work as intended
    -> Change file ownership to your webXY user and you are fine.
  7. till

    till Super Moderator Staff Member ISPConfig Developer

    You explained yourself in the first post what you did wrong, I'll cite you:

    So when you upload files as root user instead of using an FTP or shell user of the website, then files are owned by the wrong user (root) of course which means that you have to chown them to the right user and group (webX user and clientX group) of the website. If you would have used a shell user or ftp user of that site, all files would have been owned by the right user and group automatically.

    So this is purely your mistake here by using root to install the site without changing ownership afterwards.

    That's impossible as FTP users can not login by scp or sftp, they can login by FTP and FTPS only. SFTP is the file transfer protocol of the SSH daemon and not the FTP daemon. So either you created a shell user and not FTP user in ISPConfig and used that for the login or you did not install the server correctly, e.g. you installed a wrong FTP server (e.g. pure-ftpd instead of pure-ftpd-mysql) or you messed up the ftp server config after installing ISPConfig by e.g. reinstalling the FTP server which wiped out the config files.
  8. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    The command to change file owner and group owner is chown. Read man chown for details.
    Find the client ID and website id like this:
    # ls -lhd /var/www/somedomain.tld
    lrwxrwxrwx 1 root root 34 huhti 24  2018 /var/www/somedomain.tld -> /var/www/clients/client111/web320/
    Then do the chown:
    # chown -R web320:client111 /var/www/clients/client111/web320/web/*
    koheleth likes this.
  9. koheleth

    koheleth Member

    I created the ftp user by Sites / Web Access / FTP Accounts and then Add new FTP User.
    And it throws up that error when using ftp port 21 but SFTP and SCP it goes straight in but cannot do anything but move around whole server but with restrictions.

    When I installed I follwed the intructions, guess I could have made a mistake. Not reinstalled anything. Only thing I have done is what you recommended regarding the 'passive port range'.

    If you wish to take a look I can give you access.

  10. till

    till Super Moderator Staff Member ISPConfig Developer

    You must have an SSH user with the exact same name then as sshd can not authenticate against the FTP user database, it is not even capable to connect to mysql.

    If you want that someone takes a look at your system remotely, please contact Florian from Business support team here:
  11. koheleth

    koheleth Member

    Thanks, yes there is a ssh user with the ftp name, so thats why I can get in via sftp etc.
    root@server:~# apt-get install pure-ftpd-mysql
    Reading package lists... Done
    Building dependency tree
    Reading state information... Done
    pure-ftpd-mysql is already the newest version (1.0.46-1build1).
    0 to upgrade, 0 to newly install, 0 to remove and 3 not to upgrade.
    root@server:~# apt-get install pure-ftpd
    Reading package lists... Done
    Building dependency tree
    Reading state information... Done
    The following packages will be REMOVED
    The following NEW packages will be installed
    0 to upgrade, 1 to newly install, 1 to remove and 3 not to upgrade.
    Need to get 124 kB of archives.
    After this operation, 52.2 kB disk space will be freed.
    Do you want to continue? [Y/n]
    I created another FTP user with a different name and it just says access denied and asks for pwd.
    If I figure it out I will post back.

    Might do a fresh install and see if that fixes it.

  12. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    You have broken your FTP server by uninstalling pure-ftpd-mysql. Is there a reason for doing this?
    The FTP users are not real Linux users in /etc/passwd, they are virtual users created in database. By removing the database understanding pure-ftpd those users stop being available.
  13. koheleth

    koheleth Member

    I did not go ahead with the install, I was just showing what was and was not installed if you get my drift.
    So all seems as it should be.
  14. till

    till Super Moderator Staff Member ISPConfig Developer

    ensure that you enter the correct FTP username incl. prefix as shown in the ftp user list.
  15. koheleth

    koheleth Member

    Hi, that's another odd thing, it was showing as defaultdavid, when I enetered that it would not work. I will create a new one and post an image.

    Also the hostname should it be the IP or the domain name with www.

    Annotation 2019-10-17 144804.jpg

  16. koheleth

    koheleth Member

    Same error, new ftp user. SFTP rejects as it should.

    Annotation 2019-10-17 145051.jpg
  17. till

    till Super Moderator Staff Member ISPConfig Developer

    Could not retrieve directory listing means that you connected successfully, so username and password were correct this time, but your passive port range is still blocked so that your ftp client did not receive the file list. So this is a network/ firewall problem and not an issue with the FTP user or ispconfig.

    1) The passive port range must be set in the ftp daemon:
    2) the passive port range must be set in the ispconfig firewall, if you activated it.
    3) If your server is inside a private network, then you must forward all ports that are within the passive port range from your router to your server.
    4) When your server is in a datacenter or a cloud server and the datacenter or cloud provider uses a firewall, then all ports of the passive port range must be opened there as well.
  18. koheleth

    koheleth Member

    Ok, thank you till I will look into it. I did as that howto says the other day maybe I entered a wrong IP?
    Remember it is a home server behind my ISP router.
    All ports open in my router in that range, not done that, will add them now.
  19. koheleth

    koheleth Member

    Router will not let me add some like 20,53,8080 for example. Just says error.
    My ISP clearly state they do not offer support if you take the fixed IP for home server etc.
    All is just for my personal sites anyway so happy with root.
    Sites up, mail working fine, can't complain saving money every month. Great support.

    Last edited: Oct 17, 2019
  20. koheleth

    koheleth Member

    Thanks, see that now but I also used the name when I installed Ubuntu so I guess it was that why I could SFTP etc with that ftp user?


Share This Page