The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Mirror download setup questions

Discussion in 'General Discussion' started by Trudger, Jul 10, 2010.

  1. Trudger

    Trudger Registered

    Joined:
    Jul 10, 2010
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    I'm new to most cPanel functions, and I have what are likely quite basic questions. I don't even know if I can ask them properly, so I hope you'll bear with me.

    According to the general server info relected on the main panel, I'm using cPanel version 11.25.0-RELEASE.

    I've received a request to set up a mirror download of a game by an independent developer. I've created an FTP account, access to which requires both a user name and password. However, this is perhaps not the best way to handle this sort of thing.

    The developer wants access without a password. I could find no way to do this and I'm thinking it might not be possible with a dedicated FTP account. I've looked for information in the cPanel documentation, help files and these forums and have found nothing.

    I thought maybe anonymous FTP would be the way to go, but I've been unable to locate any specifics regarding setting this up. I've seen it mentioned that permissions should be used in conjunction with anonymous FTP, but I haven't been able to find anything about how to do this.

    The documentation mentions a page that defines "how anonymous users interact with your FTP server" and says "Using the checkboxes, anonymous users can be denied or allowed access to your FTP server for downloading or uploading content." Despite considerable searching, I've been unable to locate such a page.

    The documentation goes on to say "It is recommended that anonymous users be barred from uploading files to your FTP server because this allows anyone to upload malicious software to your website." Again, I've been unable to locate information on how this is accomplished.

    About the only thing I know for sure is that the anonymous directory is public_ftp/. At least, that's what the documentation says. Beyond this, I'm at a loss.

    I'm also concerned about possible risks associated with anonymous FTP, but aside from the aforementioned uploading of malicious software, I've found nothing.

    So here is what I'm hoping someone will be able to help me with:

    Is a dedicated FTP account the best way to handle a mirror download?

    Is it possible to set up a dedicated FTP account that isn't password-protected? If so, what are the risks?

    If this is not possible, would anonymous FTP be the way to go?

    What risks does anonymous FTP carry, and are there ways to protect against them?

    Is there anything else I should know about what I'm trying to accomplish?

    I'd sure appreciate it if I could get some help with this. I've been at it for two days now and I've made no progress, the developer is waiting, and I feel like an idiot. Thank you!
     
  2. Miraenda

    Miraenda Well-Known Member

    Joined:
    Jul 28, 2004
    Messages:
    242
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Coralville, Iowa USA
    What precisely does the developer need to accomplish with the account? Uploads or downloads? If this is a download, most do use FTP for downloads and you can certainly allow anonymous FTP, which won't require a password and that's the only way to have FTP without a password.

    In WHM > FTP Server Configuration area, there's are the following options:

    Allow Anonymous Logins
    Allow Anonymous Uploads
    Maximum Load for Anonymous Downloads

    If you only want to allow downloads anonymously, simply select Yes for the "Allow Anonymous Logins" area. Now, this functionality doesn't automatically turn on anonymous FTP for an account. After allowing it, then in cPanel, there should be an area that will appear for Anonymous FTP. In that area, you'll see the options for that cPanel account:

    Allow anonymous access to ftp://ftp.domain.com

    Allow anonymous uploads to ftp://ftp.domain.com/incoming

    If you only want to allow downloads, you'd then simply select the first one. If you do want uploads to be allowed, you'd select both and select "Allow Anonymous Uploads" in WHM > FTP Server Configuration area as well.

    As for the risks, the risks are high if you allow uploads for the obvious reasons of malicious file uploads. For downloads, the risks aren't as high since you are only allowing them access to download what you've placed into /home/username/public_ftp location anyway.
     
  3. Trudger

    Trudger Registered

    Joined:
    Jul 10, 2010
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    Thanks so much for your informative reply. This may seem silly, but how do I access the WHM Interface?

    I'm not the person who set up WHM/cPanel originally, and the one who did is no longer involved. Unfortunately, he left me no info concerning WHM, and no one at my end knows anything about it. Thanks...
     
  4. Miraenda

    Miraenda Well-Known Member

    Joined:
    Jul 28, 2004
    Messages:
    242
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Coralville, Iowa USA
    To access WHM, you'd go to https://IP:2087/ where IP is your server's main IP. Alternatively, you can use https://domain.com:2087/ for a domain on the machine.

    Once at that location, the login credentials will be root for the username and the root password for the password. If you do not know the root password, you will need to have your provider reset it for you by rebooting the machine into singler user mode and changing the root password.
     
  5. Trudger

    Trudger Registered

    Joined:
    Jul 10, 2010
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    Okay, thanks.

    Unfortunately, both links you provided yield messages that "This connection is untrusted" (Firefox) and "There is a problem with this website's security certificate" (IE).

    I suppose this means there's a problem at my end. I'll try to contact my notoriously unresponsive web host and ask what the deal is.

    Thanks again for all your help.
     
  6. Miraenda

    Miraenda Well-Known Member

    Joined:
    Jul 28, 2004
    Messages:
    242
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Coralville, Iowa USA
    Actually, those messages are only warnings for untrusted (self-signed) certificates and can be ignored. Simply accept the certificate...
     
  7. Trudger

    Trudger Registered

    Joined:
    Jul 10, 2010
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    Many thanks, Miraenda! I try to err on the side of caution when it comes to such warnings, so I'm grateful for the info.

    Unfortunately, the password I use to sign into cPanel, which is the only password I have, doesn't work. So I've just sent another email to my web host in hopes that I will eventually get a response.

    Again, I appreciate the assistance you've given me.
     
  8. Miraenda

    Miraenda Well-Known Member

    Joined:
    Jul 28, 2004
    Messages:
    242
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Coralville, Iowa USA
    Certainly, you are very welcome :)
     
Loading...

Share This Page