4. Configuring FTP 8 Features and Properties
The FTP Site Creation Wizard configures the
basic settings for an FTP server; however, there is still a need to
configure more advanced settings or refine the original ones. Similar
to managing websites, you no longer manage property pages by
right-clicking the site. The FTP feature icons have replaced the old-style
FTP property pages. The FTP feature icons are installed during
the installation process and are located in the Central Details pane,
as shown in Figure 4. The new FTP features for configuring basic and advanced FTP properties consist of the following:
• FTP Authentication
• FTP Authorization Rules
• FTP Current Sessions
• FTP Directory Browsing
• FTP Firewall Support
• FTP IP Address and Domain Restrictions
• FTP Logging
• FTP Logon Attempt Restrictions
• FTP Messages
• FTP Request Filtering
• FTP SSL Settings
• FTP User Isolation
Figure 4. The FTP features.
4.1 FTP Authentication Feature Page
The FTP Authentication feature page is used
to configure authentication methods for FTP clients. By default, an FTP
site does not have authentication configured, and all mechanisms are
disabled out of the box. An administrator must grant the desired
authentication to the FTP site. The authentication mechanisms for FTP
consist of the following items:
• Anonymous authentication—This
built-in authentication mechanism should be selected when you want to
provide public access to an FTP site without having end users pass
credentials.
• Basic authentication—Another
built-in authentication mechanism for FTP sites. Basic authentication
requires the FTP clients to enter a valid Windows user account and
password when gaining access to the FTP site. Basic authentication
sends password credentials in clear text, which is a security hazard.
Therefore, implement SSL when using this mechanism to encrypt passwords
in transit.
• ASP.NET authentication—The
FTP site authenticates FTP clients by having them enter
a valid ASP.NET user account and password. This is a custom
authentication mechanism that requires a provider and connection string
to an ASP.NET user database. This authentication mechanism must be
added using the Custom Providers task in the Action pane.
• IIS Manager authentication—This
is another custom authentication mechanism similar to ASP.NET. An FTP
client must provide a legitimate IIS Manager username and password to
gain access to FTP content. Similar to basic authentication, the
credentials are not encrypted, so it is recommended that this
mechanism be used in conjunction with SSL. This authentication
mechanism must be added using the Custom Providers task in the Action
pane.
Note
Don’t forget that to use these authentication
mechanisms, the appropriate authentication role services must be
installed prior to configuration.
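
An added example (not from the book or from Microsoft): a PowerShell check for the risk described above for basic and IIS Manager authentication, namely password logons on a site whose control channel does not require SSL. The XML is a constructed fragment shaped like the sites section of applicationHost.config; the site names are made up, the function name is hypothetical, and settings inherited from siteDefaults are not resolved.

```powershell
# Constructed sample shaped like <sites> in applicationHost.config (names are made up).
[xml]$sample = @'
<sites>
  <site name="ftp-public"><ftpServer><security>
    <ssl controlChannelPolicy="SslAllow" />
    <authentication><anonymousAuthentication enabled="true" /></authentication>
  </security></ftpServer></site>
  <site name="ftp-staff"><ftpServer><security>
    <ssl controlChannelPolicy="SslAllow" />
    <authentication><basicAuthentication enabled="true" /></authentication>
  </security></ftpServer></site>
  <site name="ftp-partners"><ftpServer><security>
    <ssl controlChannelPolicy="SslRequire" />
    <authentication><customAuthentication><providers>
      <add name="IisManagerAuth" enabled="true" />
    </providers></customAuthentication></authentication>
  </security></ftpServer></site>
</sites>
'@

# Hypothetical helper: reports enabled FTP authentication methods per site
# and whether the control channel policy protects the password.
function Get-FtpAuthAudit {
    param([xml]$Config)
    foreach ($site in $Config.SelectNodes('//site[ftpServer]')) {
        $auth = $site.SelectSingleNode('ftpServer/security/authentication')
        $ssl  = $site.SelectSingleNode('ftpServer/security/ssl')
        $methods = @()
        if ($auth) {
            if ($auth.SelectSingleNode('anonymousAuthentication[@enabled="true"]')) { $methods += 'Anonymous' }
            if ($auth.SelectSingleNode('basicAuthentication[@enabled="true"]')) { $methods += 'Basic' }
            foreach ($p in $auth.SelectNodes('customAuthentication/providers/add[@enabled="true"]')) {
                $methods += $p.GetAttribute('name')
            }
        }
        # Every method except Anonymous sends a password over the FTP control channel.
        $sendsPassword = @($methods | Where-Object { $_ -ne 'Anonymous' }).Count -gt 0
        $policy = if ($ssl) { $ssl.GetAttribute('controlChannelPolicy') } else { '' }
        $finding = if (-not $methods) { 'No authentication enabled' } elseif (
            -not $sendsPassword) { 'Anonymous only' } elseif (
            -not $policy) { 'Policy not set on site, check siteDefaults' } elseif (
            $policy -in 'SslRequire', 'SslRequireCredentialsOnly') { 'OK' } else {
            'Password can be sent in clear text' }
        [pscustomobject]@{ Site = $site.GetAttribute('name'); Methods = $methods -join ', '
                           ControlChannel = $policy; Finding = $finding }
    }
}

Get-FtpAuthAudit -Config $sample | Format-Table -AutoSize
```

On a server, pass `[xml](Get-Content "$env:windir\System32\inetsrv\config\applicationHost.config")` instead of `$sample`, from an elevated prompt.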