FTP (File Transfer Protocol) is a widespread and fast way of moving files from one computer to another. It allows clients to both upload and download files. Many browsers include FTP support, and stand-alone FTP client applications are also available.
Uploading : to transfer Files from a client machine to the FTP server.
Downloading : Transfer files from the server to the client.
WebSTAR FTP provides controlled access to your server folders using this protocol. You can create users who have to log in with a name and password, and specify which folder (and subfolders) they can view, and so on.
In addition, you can create a public FTP area. According to the FTP conventions, anyone can download data from this area by logging in with the name "anonymous". For information, see Anonymous FTP .
For step-by-step instructions for getting started, see Connect To Your FTP Server .
The WebSTAR FTP server does not take advantage of the Web server's File Info Cache and the Data Cache: it accesses the disk directly.
However, when a user uploads a file using WebSTAR FTP, the server sends a message to flush the caches. This automatically flushes the File Info Cache and the Data Cache, and sends a message to third-party Plug-Ins to flush their caches as well.
WebSTAR FTP provides a great deal of flexibility in choosing what folders are visible to FTP users, but this can compromise your server security if you are not careful. In addition, FTP passwords are not protected so anyone monitoring your data stream might be able to extract them and have access to your server folders.
With WebSTAR FTP, you can give users access to any folder on any mounted drive. This is a powerful feature, but should be used with caution. Each FTP user can access all the subfolders within their root folder, but they cannot see any other folders on the disk. You can specify the maximum amount of data that can be inside that folder, which gives you reassurance that uploads will not take all the space on your hard drive.
FTP root folders can be in the WebSTAR folder, in another folder on the hard drive, in a separate partition or on another hard drive. This allows you to take best advantage of your available disk space, but can cause major security risks, so think carefully before you designate the root folder.
In addition to local files and folders, WebSTAR FTP will attempt to follow aliases to other files and folders. Be sure that you know what aliases you include in FTP folders.
If an FTP client attempts to open a folder with an alias to an unmounted network volume, the WebSTAR server machine will attempt to mount it. If a volume password is required, or the volume is unavailable, this may stop or slow your server until someone dismisses the alert on the WebSTAR server machine.
In general, you should allow FTP access to carefully specified folders, which contain limited amounts of material, and which do not include private or confidential data.
WebSTAR FTP will not display or allow the transfer of WebSTAR control files (files with a Creator Code starting with "WWW"). These include WebSTAR application and Plug-In files.
FTP users can also download applications, so you can distribute programs you have written or otherwise have the rights to. Make sure that you and any users with FTP upload privileges do not distribute commercial software.
FTP passwords are always sent as plain text. This is a security problem: if someone is monitoring your data stream, or that of one of your users, they can see the password clearly. They could then use the password to use your server for their own purposes, such as, passing pirated software or hacking your web site. The limits on FTP folder size can only help to a certain extent. To avoid this, limit user access to certain very specific folders.
If you use FTP to update your web site, try to use a "staging" folder for storing changes, and then transfer the changes to the main folder using another protocol. If you must use FTP to access your main server folder, change your password often.
All FTP requests and responses are logged. You can watch your FTP server usage in the WebSTAR Admin Monitor window, and check your server logs for any unauthorized transfers regularly. For more information, see FTP Monitors & Logging .
The WebSTAR FTP Server supports the following FTP data types:
If an FTP client attempts to get a resource-only file without using MacBinary, WebSTAR FTP will send back an error. The solution is to put the FTP client into MacBinary mode.
For server settings, see Use MacBinary for .bin files .
You can have the FTP server respond to requests for multiple hosts on the one server. FTP servers don't have to match the domain with any particular file (unlike Web servers), and WebSTAR FTP doesn't use the Web server's Virtual Hosts settings.
To respond to FTP requests for your other host and domain names, work with your ISP or network administrator to add an alias record ("CNAME") in the hosts's DNS record.
For more information, see DNS .
For example, you can add a CNAME alias from ftp.domain.com to www.domain.com. FTP requests for the second domain name will be automatically routed to your WebSTAR FTP server.
If you run several servers, you may want to distribute FTP requests among them. WebSTAR FTP Server and the QuickDNS Load Balancer Plug-In allow QuickDNS Pro from Men and Mice, to track the FTP server load and distribute requests to the least used server.
See also: WebSTAR QuickDNS Load Balancer .
With most web browsers, it's very easy to link to FTP, using the URL " ftp:// ". For example, to see the WebSTAR Update directory, use this URL:
ftp://ftp.starnine.com/pub/updates/webstar/
In this case, the folder has anonymous access, so it will display immediately.
You can also create a link to a file, rather than a folder, and it will start downloading right away. Just put the file name as part of the URL, like this:
ftp://ftp.starnine.com/pub/updates/webstar/readme
For private folders, the browser will display a login dialog, and you'll have to enter a user name and password. Then the browser will display the folder listing or start downloading a file.
See also: FTP Users: Access Control .
You can also use FTP URLs with a user name and password included. To do this, include the user name, a colon, the password, and an at sign ("@") before the host name:
ftp://HumanResources:hM3z9s@www.domain.com/humres/news.html
Most FTP clients can take this apart and send the correct URL and login information to the server. Be sure to test this before publishing such URLs, and limit the data in these folders carefully.
You should use only letters, numbers and standard punctuation in the folder and file names. Do not use the / (slash) or : (colon) characters in file names . If you must use other characters, such as spaces, in file names, you'll have to encode the URLs, as described in Macintosh Special Characters in File Names .