Multiple servers

General Interworx Control Panel Info General Inquries
1

Hello,

I’d liek to know if it is possible to create a master FTP server and slave FTP server on differents box. The idea is to be able to be connected from a unique ftp adress to any siteworx account on differents box.

Ok let’s me explain this :

I have few server whom host web sites.

With one server I may propose to my customer to connect them to their FTP account under my ftp domain name adress (ftp.toto.com)

But with few servers how to do that ?
How Siteworx account, whom will be on other servers, may connect to their account under my unique ftp adress.

for example :
box1 hosts :

Cust1 and cust2 may connect to their FTP account with this adress : ftp.toto.com

box2 host :

How cust3 and cust4 may connect to their account with ftp.toto.com

this able my customer to connect to their account with ftp without wait world dns reslove their domain name with the new name servers. (I have the solution to ask them to edit their hosts file too)

With the same idea, is there a solution to give them the ability to connect to their account with something like http://toto.com/~myaccount. I don’t want to create subdomains to give them test account like test1.toto.com

Any solutions ?

Thanks

2

Somethin i’ve been wondering abou too…
No idea anyone? :slight_smile:

3

  1. There are a few ways to do this. Either use the server’s hostname, give out the IP address of the server or setup a temp domain for each client. We use the 3rd option here but any of them are valid.

  2. You can use Apache’s ‘UserDir’ directive to setup ~username accounts. A few clients have done this but I don’t have a code snippet handy, it should be farily trivial, just search apache’s site for UserDir.

Chris

4

“or setup a temp domain for each client”

I don’t really see what you mean exactly.

  1. You can use Apache’s ‘UserDir’ directive to setup ~username accounts. A few clients have done this but I don’t have a code snippet handy, it should be farily trivial, just search apache’s site for UserDir.

Great I’ll further investigate.

Thanks Chris

5

I’ve done some checking:

Lines 377-389 of /etc/httld/conf/httpd.conf

UserDir public_html

Control access to UserDir directories. The following is an example

for a site where these directories are restricted to read-only.

#<Directory /home/*/public_html>

AllowOverride FileInfo AuthConfig Limit Indexes

Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec

<Limit GET POST OPTIONS PROPFIND>

Order allow,deny

Allow from all

</Limit>

<LimitExcept GET POST OPTIONS PROPFIND>

Order deny,allow

Deny from all

</LimitExcept>

#</Directory>

On my first server (NOT and InterWorx box) the file was different and you just commented out or uncommented out if you wanted to give people access to the user directory. I can’t seem to find this in InterWorx’s httpd.conf or in the domainname.com.conf files (they are all just virtual hosts).

It bears mentioning that this is usually commented out (turned OFF) because some people consider it a security risk due to the fact that by visiting

http://[your-host]/~username

it cofirms the existance of that user name on the server.

Good Luck

Tim

6

yes Tim I have had a look too.

But for me it shouldn’t work, because :
#<Directory /home/*/public_html>

doesn’t exists on an interworx box.

But maybe I have wrong.

I’ve done some tests and it doesn’t work when in the virtualhost I create something like this :
Edit a file in /etc/httpd/conf.d/toto.com.conf

UserDir /home/*/toto.com/html

And yes you right this is a hole in the security.

Do you understand what Chris mean by :

  1. There are a few ways to do this. Either use the server’s hostname, give out the IP address of the server or setup a temp domain for each client. We use the 3rd option here but any of them are valid.

Thanks a ton.

7

Yes I understood what he meant, you have to understand that this has nothing to do with users on your virtual hosts, but rather users on your server, for example the Linux user totocom (or whatever yours is).

You need to provide the server name or IP to access the user directory:

http://[your_hostname_or_IP]/~totocom/

http://www.toto.com/~totocom/ WILL NOT WORK because there is no user totocom on the virtual host/domain toto.com

As for the fact that public_html not existing just edit the file to something that DOES exist or create the directory

/home/totocom/public_html/

This is probably the best thing to do because as you can see it does not allow this person access to the root of your website which would be

/home/totocom/toto.com/html/

I’m not doing this on my box because as mentioned it is a seciity problem but go a head. This SHOULD work.

If you try it make sure to chown and chgrp the new directory to the totocom user:

chown -R totocom /home/totocom/public_html/
chgrp -R totocom /home/totocom/public_html/

if you created the directory in the shell under a different user.

Good Luck and let is know how things go.

Oh, and this reminds me of something else for Chris:

How come I can’t su - to a siteworx user (eg su - transwar)? I understand why login does not work (security) but why not su?

[root@centos html]# su - transwar
This account is currently not available.
[root@centos html]#

Thanks.

8

Thanks tim :slight_smile:

I’m found how I have to configure the /~accoutn/ with usedir.

But the

  1. There are a few ways to do this. Either use the server’s hostname, give out the IP address of the server or setup a temp domain for each client. We use the 3rd option here but any of them are valid.

should be about my multiple FTP server extension :slight_smile:

About usedir, the fact is that I’ll create in the virtualhost of a user account a usedir directive as something like :

<Directory /home/useraccount/userdomain/html/>

I think It should work.

As this is a security hole, I’d only do a test :slight_smile:

But on the net there is few discussion to how protect the scan.

AnyWay, thanks for your help.

Pascal

9

no problem. I did a lot of reading about Apache and the config file when I got my first server (sans InterWorx) because I was trying to get it configured manually with Webmin (VirgualMin was new and the one I tried kept causing SuExec errors causing me to comment that line out every time I created a new domain because it brought down Apache), so I do have some understanding inthis are :slight_smile: