got a wierd issue here.
We can create FTP users on SolidCP.
When the created user tried to login from this FTP client (such as Filezilla) they all get error 530 user cannot log in, home directory inaccessible.
I used the old Website Panel configuration for FTP settings so we did use Isolation mode.
I did check the FTP user Group and it is there on the FTP Server in IIS with read only permissions.
Is there something I am missing?
Any help would be great.
For this issue it’s important what your using.
so for example if your using Filezilla –> It’s important your filezilla user has access to the directories.
If your using IIS FTP, the most easy way is to let SolidCP set the default FTP site up for you (this should come with the right perms set).
Do note for basic hardening removing users group from disk level, creating administrator file access group with users (like solidcp server / administrators / filezilla ftp user, etc) -> with full perms, and adding network service + Local service accounts with read + execute permissions would be needed to properly harden your server.
thanks for the fast response.
- the FTP Server is using Microsoft FTP through IIS
- We just used the default FTP site setup
After the FTP role was installed on Windows 2012r2, I went into IIS –> default FTP and selected “FTP User Isolation”, then in the dialog box i selected “User Name Directory”
The only other thing I did differently afterwards was I selected default FTP and then back to bindings and I added another ftp bind. So the original binding to port 21 is there, then I added the same IP and made another port number 21345.
So in the end, the binding has port 21 and port 21345.
Not sure if that caused a problem or not, but when i started having issues with the FTP user, I removed the port 21345 binding and restarted FTP service.
Then I removed the FTP user from SolidCP and re-added a new user, but still have the same issue.
Not sure where to troubleshoot this one.
I just found the issue.
The FTP User Role that I created did not match the FTP User Group Name in the SolidCP Panel. I corrected the name in SolidCP, i deleted the FTP accounts and re-created the accounts after the fix. And now they all work.
Sorry to bother you on this.
I am usually very accurate to these settings, I guess I was just excited to try out SolidCP 🙂
Hopefully this will help others as well as this can be easily missed!
- Views4625 times
- Answers7 answers