Archive for February, 2010

Configuring a (more-or-less) Secure FTP Site on Windows 2003

Friday, February 12th, 2010

For a long time we have had an FTP site that we used for transferring files around inside our firewall.  No one from the outside world had access so security wasn’t a concern.  We allowed anonymous FTP access and life was good.

Then we suddenly had a need to allow people from outside the firewall to upload files to our server.  It would have been too much trouble to change our existing site to forbid anonymous access because we had a lot of automated processes in place that expected to be able to log on anonymously.  So we chose to set up a second FTP site on the same server that would require users to log on with a specific user id and password and to be restricted to their own home directory once they were connected.  This turned out to be both easier and more difficult than you would expect.