New Ideas and New Domains

Thoughts

Wouldn’t it be awesome to think of a great idea, make something out of it, and then get rich? It’s a common dream among most of the people my age right now. There’s just something definitively exciting about creating something, having it wanted by many other people, and then making a lot of money. Of course, it’s never that easy.

I always think it’s kind of funny when people are semi-serious about “making it big” because of “some idea” that they have. Why waste time and energy with talk? If you want to do something, do it. If not, you’re just daydreaming. Take the time to do the research, gauge how much energy you have for the project, and then dive in. Anything less is just a waste of everybody’s time.

Pointing a Domain to a Separate Nameserver

Which brings me to something that I wanted to make a note of today. I registered a domain name (namecheap.com) today. I forgot how cheap it is to do that! I paid like $10 for an entire year. For the price of an expensive hamburger, it’s not too bad for taking the first step to reserve an idea.

After ponying up the cash I had a domain but nothing behind it. Turns out that pointing a new domain to existing webspace is pretty easy. I already have a web host, so I just had to configure the domain to point to my existing nameserver.

  1. For your new domain, find a way to “Transfer DNS to Webhost.” This makes it so that your webhost can manage all the DNS pointers in regards to your domain.
  2. On your webhost, assign a domain name pointer to point to a directory in your file structure.

And that’s it! Super easy.

Setting up a home FTP server using Windows Server 2008 R2

Overview

Today I decided to set up a home FTP server. Although my web host already provides some space for me to FTP files into, having a personal FTP server allows me to send files directly to my own personal archive. As an added benefit, I don’t have to worry about hosting copyrighted files on the public-facing internet!

My environment:

  • Windows Server 2008 R2 Server
  • Asus Wireless Router RT-AC66U
  • Filezilla Client
  • Purchased domain

 


Steps

Part 1: Install the IIS FTP Server Service

  • Open Server Manager, go to Roles and click “Add Roles”

1.png

  • In the Add Role Wizard, select Web Server (IIS) role to install

2.png

  • Click Next until you reach Select Role Services page, leave the default and check FTP Server, FTP Service and FTP Extensibility at the bottom. Click Next, follow the wizard and finish the role installation.

3.png

  • Now open IIS Manager from Start > Administrative Tools, expand the server, right click Sites, and click Add FTP Site, give it a site name and configure the physical path as needed.

4.png

  • Configure Binding and SSL. In my case, I chose “Allow SSL” and assigned my server identity certificate (different than the image below). This allows secure FTP connections later on.

5.png

  • Enable Basic Authentication and configure authorization. In our case I’ll start with allowing All users both Read and Write permission as long as all the users on the server are password protected.

6.png


Part 2: Configure the IIS FTP Server Service

  • In Server Manager, click the server. Go to FTP Firewall Support and choose a range of ports. In my case, I chose 50,000 to 50,004
  • Screen Shot 2015-08-17 at 8.42.29 PM
  • Click the actual FTP site. Go to FTP Firewall Support and type in the external IP address of your FTP site.
  • Screen Shot 2015-08-17 at 8.52.52 PM
  • In Windows Firewall make sure to open the correct ports so that the server can send/receive FTP traffic. In my case, I opened 21 and 50000-50004
  • 7.png
  • 8.png

 


Part 3: Configure router ports

Once the server connections are configured for FTP traffic, you have to make sure that your proxy allows the connections as well. Since mine is just a homelab, I have to forward all the connections on the router level. Forwarding port 21 immediately allows connections to the FTP server! Viewable from Chrome:

ftp.screenshot

At this point, FTP clients can connect to the FTP server, but actual file downloads/uploads will not work. In order for a client to both download and upload files, data connections must be open from the extranet to the internal network as well. In my case, I chose ports 50000-50004, so these had to be open on both the server firewall and router level. Here’s a screenshot from my Asus Wireless Router RT-AC66U:

Screen Shot 2015-08-17 at 8.23.11 PM

 

 


Part 4: Configure the Filezilla client for active mode

By default, Filezilla uses passive connections. Here’s how to configure the client:

  1. In FileZilla, click on Edit | Settings.
  2. Under Connection, click on FTP and choose Passive as the Transfer Mode.
  3. Under Connection, under FTP, click on Passive mode and choose “User the server’s external IP address instead”
  4. Add the external URL of your FTP site as a connection point and configure it for secure FTP

Source: https://wiki.filezilla-project.org/Network_Configuration

 


Success

And just like that, I have a working home ftp server! Successful connection:

Status: Connecting…
Status: Connection established, waiting for welcome message…
Status: Initializing TLS…
Status: Verifying certificate…
Status: TLS connection established.
Status: Connected
Status: Retrieving directory listing…
Status: Directory listing of “/” successful

Successful file download and upload:

Status:       Connection established, waiting for welcome message…
Status:       Initializing TLS…
Status:       Verifying certificate…
Status:       TLS connection established.
Status:       Connected
Status:       Starting download of /test.junservftp.txt
Status:       File transfer successful, transferred 0 bytes in 1 second
Status:       Starting upload of /Users/junsungwong/Downloads/header.jpg
Status:       File transfer successful, transferred 144182 bytes in 1 second

Related Notes

  • Use an SSL certificate for secure connections
  • In FileZilla, if you see any colored text (blue/green) your client is probably trying to use passive connections. You can configure the FileZilla client to use active connections, in which case the log will only show black text.
  • Setting up passive FTP connections is more dangerous for your server
    • “As explained earlier, if you’re administering an FTP server, it would be best for you to configure your server to support passive mode FTP. However, you should bear in mind that in doing so, you would be making your system more vulnerable to attacks. Remember that, in passive mode, clients are supposed to connect to random server ports.”
    • http://www.jscape.com/blog/bid/80512/Active-v-s-Passive-FTP-Simplified
  • Active FTP:
    • Client connects to server on port 21 (command channel)
    • Server connects to client on port 20 (data channel)
  • Passive FTP:
    • Client connects to server on port 21 (command channel)
    • Clients connects to server on random port (data channel)