FTP Service

Web Ten includes a high-performance, full-featured file transfer service that does not rely on AppleShare. The File Transfer Protocol (FTP) is included as an integrated component of Web Ten . The FTP service supports content uploading to Web Ten . Web Ten 's FTP service provides password-protected FTP access to separate access points (i.e., different virtual hosts) for each FTP user. The FTP server can also be configured to permit or deny anonymous FTP access. Anonymous FTP access is always directed to a unique access point not associated with any virtual host.

File Encodings

The Web Ten FTP server supports text and binary file transfers. By default, only the data fork of any file is transferred. It is possible to transfer complete Macintosh files, including their creator and type fields and their resource forks, by encoding these files in either MacBinary or AppleSingle format. The Web Ten FTP server uses the file extensions ".bin" and ".as", respectively, to indicate MacBinary or AppleSingle file encodings.

The Web Ten FTP server also observes the MACB command for MacBinary encoded file transfers. The MACB command is widely used by Macintosh FTP clients, including Fetch. These clients typically detect that the FTP server is capable of supporting the MACB command, and then automatically handle all file translation encodings. Users of non-Macintosh FTP clients may choose from various encoding mechanisms to transfer files from their systems to the Web Ten system.

Downloading Files via FTP

To download text files from the Web Ten FTP server, the client FTP program should specify the FTP ASCII or Text mode for file transfers. In this mode, the Web Ten FTP server will always deliver the data fork of the Macintosh file, and the textual data will always be translated to the standard FTP text format. Presumably the client FTP program will translate the incoming data from the standard FTP text format to the native text format for the host system.

It is possible to download text files using the FTP Binary or Image mode of file transfer. In this mode, the Web Ten FTP server will deliver the data fork of the Macintosh file, but it will not translate the textual data. The text will be delivered in the exact format as it is stored in the Macintosh text file.

To download binary files from the Web Ten FTP server, the client FTP program should specify the FTP Binary or Image mode of file transfer. In this mode, the Web Ten FTP server will, by default, transfer the data fork of the Macintosh file in the exact format as it is stored in the file.

Complete text or binary Macintosh files (including the creator and type fields and the resource fork) can be transferred from the Web Ten FTP server in a number of ways. The FTP client program can specify the MACB command to the FTP server, requesting it to encode files using the MacBinary file format. The popular Macintosh FTP client "Fetch" issues this command immediately upon connecting to the Web Ten FTP server, and thus transfers all files to and from the server in MacBinary mode. A client FTP program can also use the extension ".bin" to request that a file be transferred in MacBinary format. For example, to transfer the file " tenlog1.gif " in MacBinary format, the FTP client can request to transfer the file " tenlog1.gif.bin ".

Complete Macintosh files can also be encoded in the AppleSingle file format. To request AppleSingle format, a client FTP program must add the extension ".as" to the file it is requesting to transfer. For example, to transfer the file " tenlog1.gif " in AppleSingle format, the FTP client must request to transfer the file " tenlog1.gif.as ".

Uploading Files via FTP

To upload text files to the Web Ten FTP server, the client FTP program should specify the FTP ASCII or Text mode of file transfer. In this mode, the Web Ten FTP server will always write to the data fork of the Macintosh file, and the textual data will always be translated from the standard FTP text format to the Macintosh text format. In addition, the uploaded file will be given the Macintosh type "TEXT" to correspond with its textual data.

To upload binary files to the Web Ten FTP server, the client FTP program should specify the FTP Binary or Image mode of file transfer. In this mode, the Web Ten FTP server will, by default, write to the data fork of the Macintosh file in the exact format as the data is delivered by the FTP client. If the file existed before the upload took place, the file's type field will not be modified. If the file did not exist before the upload, the file will be given the "BINA" type, corresponding to its binary data. The file's creator will be set to "MUMM".

Uploaded text files using the FTP Binary or Image mode are treated identically to binary files by the WebTen FTP server.

Complete Macintosh files (either text files or binary files) can be uploaded to the Web Ten FTP server in a number of ways. If the files to be uploaded are encoded in the MacBinary file format, the FTP client program can specify the MACB command to the FTP server. The popular Macintosh FTP client "Fetch" issues this command immediately upon connecting to the Web Ten FTP server, and thus transfers all files to and from the server in MacBinary mode. A non-Macintosh client FTP program can use the extension ".bin" to upload a file in MacBinary format. For example, a file named " tenlog1.gif.bin " would be interpreted by the Web Ten FTP server as a MacBinary file. After the transfer is complete, the FTP client can rename the file and remove the ".bin" extension.

Complete Macintosh files can also be uploaded in the AppleSingle file format. A client FTP program can use the extension ".as" to upload a file in AppleSingle format. For example, a file named " tenlog1.gif.as " would be interpreted by the Web Ten FTP server as an AppleSingle file. After the transfer is complete, the FTP client can rename the file and remove the ".as" extension.

Uploading and Executing CGI Scripts

The default Web Ten configuration has a strict policy on CGI script upload and execution. Web Ten will permit the uploading of CGI scripts only into the main

/cgi-bin folder and only for an FTP user configured for access to the content folders of all virtual hosts. Web Ten by default will permit the URL-based execution of CGI scripts by network browsers only from the /cgi-bin folder.

You may override the policy regarding uploading of CGIs by modifying the ftpaccess file in the tenon/etc folder.

This might be necessary if, for example, you created individual cgi-bin folders within each virtual host's content tree on your system and wanted to give unrestricted CGI upload access to the folder to FTP users configured for access to each individual virtual host.

In this case, you would add a directive to the ftpaccess file(using a utility such as BBEdit) that reads:

upload /usr/local/etc/httpd/WebSites/yourvhost.com /cgi-bin yes webten webten 0755

The first path parameter of the "upload" directive must exactly match the home directory of the configured FTP client. FTP client home directories are configured via the Users form in the Web Ten Administration Server. The second path parameter is the relative path from the FTP home directory to the folder to contain the CGIs.

Once configured for FTP upload access, CGIs to be run outside of the main /cgi-bin folder must be given permission to be browsed using the Web Ten Administration Server. Use the cgi-script Action Handler override described in the "Access Controls" section to permit URL-based execution of the CGI.

The folder name cgi-bin has a special function and capability under Web Ten . If you create individual cgi-bin folders within the document root folders of each virtual host, follow the additional instructions described in the See Customizing WebTen section of See Appendix C.

FTP Settings

The FTP Settings table contains some options that control the Web Ten FTP service. The FTP server is an integrated component of Web Ten and is designed to provide separate access points based on virtual hosts for different FTP users. The FTP server can also be configured to permit or deny anonymous FTP access, and FTP transfers can be logged for either anonymous or password-based accesses.

FTP Settings Table

FTP Status

FTP service is controlled by the Enable FTP checkbox in the Web Ten See Preferences. FTP service should be disabled if another FTP server is being used in conjunction with Web Ten on the same machine. When enabled, FTP service for both anonymous access, password access, or both can be explicitly set. The default Enable FTP setting is " Off" .

Anonymous

The Anonymous checkbox enables or disables anonymous FTP access. When a user accesses the Web Ten system via anonymous FTP, the Web Ten FTP server automatically places that user in the FTP folder inside the Web Ten folder. Anonymous FTP users are thus restricted from accessing any other folders on the Web Ten system. The FTP folder contains some default sub-folders which provide different kinds of access to the anonymous FTP clients.

The pub folder is the generic placeholder for documents targeted for public consumption. Anonymous FTP users can get files from this folder, but they cannot put files into this folder, or modify any files within this folder. Generally the Web Ten administrator controls the organization and contents of this folder. However, password-based FTP users can place files in this folder if their FTP Home folder is either All Virtual Hosts or Anonymous FTP .

The hidden folder provides a level of security by obscurity. Anonymous FTP users cannot list or see any of the files within this folder, but if they know the exact name of the file they are looking for, they can get that file from this folder.

The incoming folder provides a place for anonymous FTP users to put files on this server. Generally these files are deposited here for consumption by the administrator of the Web Ten system. Anonymous FTP users cannot list or see the files in the incoming folder, so other anonymous FTP users cannot get a file deposited by a different FTP user unless they know the exact name of that file.

User-Pass

The User- Pass checkbox enables or disables password-based FTP access. When a user accesses the Web Ten system via an FTP user name and password, the Web Ten server automatically places that user in the folder indicated by the FTP Home setting for that user.

Password-based FTP users can read or write files into the folders to which they have access.

Limit

The Limit setting controls how many simultaneous sessions the Web Ten FTP server will permit for each class of FTP service. Subsequent attempts to FTP into the server will be denied when this limit is reached. A message is provided to the FTP client that the limit has been reached and that they should try again later.

Logging

The logging checkbox controls whether or not FTP transfers are logged for each class of FTP service. The Web Ten FTP server logs FTP transfers in the logs/FTP.log file. The contents of this file can be viewed by clicking on the FTP Log button.

Virtual Anonymous FTP Service

Web Ten 's FTP server supports virtual or "multihomed" anonymous FTP service for each IP address Web Ten is serving. The virtual FTP service allows an anonymous FTP user to connect to "ftp1.domain.com" and receive one FTP banner message and content location while another anonymous FTP user connecting to "ftp2.domain.com" receives another banner and location, even though they are on the same machine and port.

Note that password-based FTP clients (all users other than the "anonymous" user) have an explicit home folder under Web Ten and will be placed in that home folder regardless of which server domain name or IP address they use to connect to the server. Configuration of FTP users and their home folders is discussed in the "Users" section of this manual.

Follow these steps to configure one ore more virtual anonymous FTP server under Web Ten :

Set up any number of IP-based virtual hosts using the Web Ten Administration Server (IP-based virtual hosts require Tenon networking, so you must replace OpenTransport in the Web Ten preferences).

Create unique folders to contain the content for each virtual hosts anonymous FTP server:

Use the Finder to duplicate the ftp folder in the tenon/templates/ folder. Rename the folder, assigning it a unique name (for example, ftp-virtual1 ). Move the folder to the top-level Web Ten folder. This "home" folder will contain the content for an anonymous virtual host. Perform this step for one or more of the IP-based virtual hosts you have configured under Web Ten .

Edit the tenon/etc/ftpaccess file and add lines similar to the following for each virtual host requiring its own virtual anonymous FTP service:

virtua l 192.1.2.3 /usr/local/etc/httpd/ftp-virtual1 /nobanner

virtual 192.1.2.4 /usr/local/etc/httpd/ftp-virtual2 /usr/local/et c/httpd/ftp-virtual2/banner.msg

The first argument is the IP address of the virtual FTP server. The IP address matches one of the IP-based virtual hosts you configured using the Web Ten Admininistration Server. The second argument is the path to the "home" folder created in the previous step, and the third argument is a file containing the banner to display to the FTP client upon login. Use /nobanner to display no login banner.

Host Header-Based Anonymous FTP

Anonymous FTP access to a header-based virtual host will be placed in the anonymous FTP home directory of the IP virtual host whose IP address appears in a "virtual" directive in the ftpaccess file.