我尝试通过 PHP 将文件上传到运行 ProFTPD 的 FTP 服务器。这以前就像一个魅力。这是代码:
$this->con = ftp_ssl_connect($CFG['BACKUP_FTP_HOST'], $port);
ftp_login($this->con, $CFG['BACKUP_FTP_USER'], $CFG['BACKUP_FTP_PASSWORD']);
ftp_pasv($this->con, true); // Returns true
ftp_put($this->con, "/path/test.txt", __DIR__ . "/test.txt", FTP_ASCII); // Returns false, local file and remote directory exists (FTP_BINARY does not work also)
有几个有趣的 PHP 警告:
Warning: ftp_put(): Unable to build data connection: Operation not permitted
如果我尝试通过 更改被动模式lftp
,它也不起作用:
lftp ftp@test.de:/> quote PASV
501 PASV: Operation not permitted
的返回FEAT
如下:
211-Features:
SSCN
SITE COPY
LANG en-US.UTF-8*;en-US
SIZE
PROT
CCC
SITE MKDIR
PBSZ
AUTH TLS
REST STREAM
UTF8
EPRT
SITE SYMLINK
EPSV
SITE UTIME
MDTM
SITE RMDIR
211 End
我认为 FTP 服务器有问题,但其他服务器可以使用该配置。另外,我可以使用 FileZilla 上传文件。使用 PHP,主动模式也不起作用。
我的proftpd.conf 的内容:
# Includes DSO modules
Include /etc/proftpd/modules.conf
# If set on you can experience a longer connection delay in many cases.
<IfModule mod_ident.c>
IdentLookups off
</IfModule>
ServerIdent off
ServerName "FTP Server"
ServerType standalone
DeferWelcome off
MultilineRFC2228 on
DefaultServer on
ShowSymlinks on
TimeoutNoTransfer 600
TimeoutStalled 600
TimeoutIdle 1200
DisplayLogin welcome.msg
DisplayChdir .message true
ListOptions "-al"
DenyFilter \*.*/
# Use this to jail all users in their homes
DefaultRoot ~
# Allow continuation of uploads/downloads
AllowRetrieveRestart On
AllowStoreRestart On
# Users require a valid shell listed in /etc/shells to login.
# Use this directive to release that constrain.
RequireValidShell Off
# Port 21 is the standard FTP port.
Port 21
# Workaround for nasty problem with FileZilla:
<IfModule mod_facts.c>
FactsAdvertise off
</IfModule>
# Unlimited number of concurrent connections
MaxClients none
MaxInstances none
# Unlimited number of concurrent connections per IP/user allowed
MaxClientsPerHost none
MaxClientsPerUser none
PassivePorts 60000 65535
<IfModule mod_tls.c>
TLSEngine On
# Support TLSv1 (no more SSLv3 due to POODLE attack)
TLSProtocol TLSv1
# Safe ciphers:
TLSCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
# Are clients required to use FTP over TLS when talking to this server?
TLSRequired on
# Server's certificate
TLSRSACertificateFile /etc/ssl/certs/proftpd.crt
TLSRSACertificateKeyFile /etc/ssl/private/proftpd.key
TLSCertificateChainFile /etc/ssl/certs/proftpd-ca.crt
TLSDHParamFile /etc/proftpd/dhparams.pem
# Authenticate clients that want to use FTP over TLS?
TLSVerifyClient off
</IfModule>
# Virtual FTP users file
AuthUserFile /etc/proftpd/passwd
# Set the user and group that the server normally runs at.
User proftpd
Group nogroup
# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask 022 022
# Normally, we want files to be overwriteable.
AllowOverwrite on
TransferLog /var/log/proftpd/xferlog
SystemLog /var/log/proftpd/proftpd.log
<IfModule mod_quotatab.c>
QuotaEngine off
</IfModule>
<IfModule mod_ratio.c>
Ratios off
</IfModule>
# Delay engine reduces impact of the so-called Timing Attack described in
# http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02
# It is on by default.
<IfModule mod_delay.c>
DelayEngine on
</IfModule>
<IfModule mod_ctrls.c>
ControlsEngine off
ControlsMaxClients 2
ControlsLog /var/log/proftpd/controls.log
ControlsInterval 5
ControlsSocket /var/run/proftpd/proftpd.sock
</IfModule>
<IfModule mod_ctrls_admin.c>
AdminControlsEngine off
</IfModule>
# include additional configuration files
Include /etc/proftpd/conf.d/*.conf
# <EOF>-----------------------------------------------------------------------