40.16. Limiting Uploads
If clients are allowed to upload files to your server, they will be able to choose any name that they wish for uploaded files. Sometimes this is not desirable; however, you may want to allow the storing of only image files whose names end with .gif or .jpg, or prevent the uploading of Windows executables with filenames ending in .exe or .com. Fortunately, ProFTPD has configuration options that allow you to set this up.
There are also several other settings that apply to uploads that can control whether clients are allowed to overwrite files and whether partially transferred files are visible. All can be set globally for a single virtual server or for anonymous clients only. To set these options, complete the following steps:
1. | If you want the settings to be global, click on the Files and Directories icon on the module's main page. To have them apply to just a single virtual server, click on its icon and then on Files and Directories. Or, to effect just clients that log in anonymously, click on a virtual server icon, then on Anonymous FTP, and finally on the Files and Directories icon on the virtual server options page. No matter which configuration object you chose, the files and directories form that appears will be almost identical. |
2. | To hide files that are in the process of being uploaded, change the Hide files during upload? field to Yes. This tells ProFTPD to use a temporary file whose name starts with .in. for transferred data, which is only renamed to the real filename when the upload is complete. This prevents incomplete uploads, and stops files from being downloaded or accessed while they are still being sent. |
3. | To have ProFTPD delete uploaded files that are not fully transferred, select Yes for the Delete aborted uploads? field. Again, this prevents corrupt, partially uploaded files from being created on your system. |
4. | To allow users to only create files whose relative names match a certain pattern, fill in the Allowed uploaded filename regex field with a Perl regular expression. For example, to allow only GIF files, you might enter ^.*.gif$. Because clients are normally allowed to rename files, this option alone is not enough to stop the creation of invalid filenames. You will also need to block access to the RNFR command, as explained in Section 40.12 “Restricting Access to FTP Commands”. |
5. | You can also block the use of certain filenames by filling in the Denied uploaded filename regex field with a regular expression like ^.*.exe$. If both this and the previous field are set, only files that match the allow expression, but not this deny expression, will be permitted. Another common use of this option is blocking the upload of .ftpaccess or .htaccess files, which set per-directory ProFTPD and Apache options. |
6. | Hit the Save button at the bottom of the page. |
7. | If you want to stop clients overwriting files with new uploads, click on the Access Control icon and change the Allow overwriting of files? field to No. This can be useful on a server that allows anonymous users to upload to a particular directory, perhaps for incoming files of some kind. Remember to click Save if you make this change. |
8. |
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.