Wiki source code of FTP(S)
Last modified by Aurelie Bertrand on 2026/01/12 16:46
Show last authors
| author | version | line-number | content |
|---|---|---|---|
| 1 | {{ddtoc/}} | ||
| 2 | |||
| 3 | ---- | ||
| 4 | |||
| 5 | = Requirements = | ||
| 6 | |||
| 7 | * An FTP(S) server (example: FileZilla Server) | ||
| 8 | * Check your server settings so that you can apply them to the configuration of the FTP(S) client in Digdash | ||
| 9 | * Open the necessary ports so that Digdash can communicate with your FTP(S) server | ||
| 10 | * An externally visible IP address for a passive mode FTP connection (see below) | ||
| 11 | * In this document we will call : | ||
| 12 | ** P: the FTP server port (default 21) | ||
| 13 | ** PE: the explicit FTP port on TLS (by default P = PE = 21) | ||
| 14 | ** PI: the implicit FTP port on TLS (default 990)((( | ||
| 15 | You will need to adapt to the ports you use if they are not the default ones. | ||
| 16 | ))) | ||
| 17 | |||
| 18 | = Creating a new FTP(S) file server = | ||
| 19 | |||
| 20 | You can create a new FTP(S) file server from the Studio. | ||
| 21 | |||
| 22 | 1. In the Studio, click the **Managers **button in the left-hand sidebar, then select **Servers**. | ||
| 23 | ➡ The **Server URL Manager** dialog box appears. | ||
| 24 | 1. Click on the **+** button to the right of the search bar and then, in the menu that appears, select the type of server: FTP or FTPS. | ||
| 25 | ➡ The **Add a file server** box appears | ||
| 26 | 1. Fill in the fields as described in the Server configuration paragraph below. | ||
| 27 | |||
| 28 | = (% style="color:inherit; font-family:inherit; font-size:29px" %)Server configuration(%%) = | ||
| 29 | |||
| 30 | == Server name == | ||
| 31 | |||
| 32 | Give your new FTP(S) document server a name. | ||
| 33 | |||
| 34 | == URL == | ||
| 35 | |||
| 36 | Enter the IP address of your FTP(S) server in this field. | ||
| 37 | |||
| 38 | == User document path == | ||
| 39 | |||
| 40 | Digdash will browse the files from this path on the FTP(S) server. If empty, Digdash will browse from the root. | ||
| 41 | |||
| 42 | == Exploring sub-folders == | ||
| 43 | |||
| 44 | You can limit the level of exploration from your document path. | ||
| 45 | |||
| 46 | By default, the document search is recursive and will search all sub-folders. | ||
| 47 | |||
| 48 | |**Fields**|**//Browse subfolders//**|(% colspan="2" %)**//Subfolder level//** | ||
| 49 | |(% rowspan="2" %)Values|Enabled|((( | ||
| 50 | Empty | ||
| 51 | |||
| 52 | Default value, recursive exploration of all sub-folders | ||
| 53 | )))|((( | ||
| 54 | N > 0 | ||
| 55 | |||
| 56 | All N sub-folders will be searched | ||
| 57 | ))) | ||
| 58 | |Off|(% colspan="2" %)((( | ||
| 59 | 0 | ||
| 60 | |||
| 61 | No exploration in sub-folders, only in the current directory | ||
| 62 | ))) | ||
| 63 | |||
| 64 | == Read only == | ||
| 65 | |||
| 66 | Only reading is possible if this option is enabled. | ||
| 67 | |||
| 68 | == Name == | ||
| 69 | |||
| 70 | Enter your user name in this field. | ||
| 71 | |||
| 72 | == Password == | ||
| 73 | |||
| 74 | Enter your user's password in this field. | ||
| 75 | |||
| 76 | = Active / passive mode{{id name="Mode_FTP"/}} = | ||
| 77 | |||
| 78 | The notion of active and passive mode is extremely important when using FTP with firewalls: | ||
| 79 | //Source: [[https:~~/~~/wiki.filezilla-project.org/Network_Configuration>>url:https://wiki.filezilla-project.org/Network_Configuration]]// | ||
| 80 | |||
| 81 | === Active mode === | ||
| 82 | |||
| 83 | From the point of view of the firewall __**on the FTP server side**__, the following communication channels must be open to support FTP active mode: | ||
| 84 | |||
| 85 | * port P (21) from anywhere (the Client initiates the connection) | ||
| 86 | * port P (21) open to ports > 1023 (Server responds to Client command/control port) | ||
| 87 | * port P-1 (20) open to ports > 1023 (the Server initiates the data connection to the Customer's data port) | ||
| 88 | * port P-1 (20) from ports > 1023 (Client sends notification to Server data port) | ||
| 89 | |||
| 90 | **Active mode options** | ||
| 91 | |||
| 92 | By default, in active mode, the Client asks the operating system for the machine's IP address and an available port. This configuration will only work if you are directly connected to the Internet without a NAT router and have configured your firewall to allow incoming connections on ports > 1024. | ||
| 93 | |||
| 94 | If you have a NAT router, you will need to specify your external IP address as an option. | ||
| 95 | |||
| 96 | You can also limit the number of communication ports in active mode. | ||
| 97 | |||
| 98 | === Passive mode (recommended) === | ||
| 99 | |||
| 100 | From the point of view of the firewall __**on the FTP server side**__, the following communication channels must be open to support passive FTP mode: | ||
| 101 | |||
| 102 | * port P (21) from anywhere (the Client initiates the connection) | ||
| 103 | * port P (21) open to ports > 1023 (Server responds to Client command/control port) | ||
| 104 | * ports > 1023 from anywhere (the Client initiates the data connection to a random port specified by the Server) | ||
| 105 | * ports > 1023 open to ports > 1023 (Server sends notification (and data) to Client data port) | ||
| 106 | |||
| 107 | Particularly for passive mode, the FTP Client by default only sees the local IP address of the server machine, which is not accessible from the outside. | ||
| 108 | |||
| 109 | You will need to configure your FTP server's passive mode settings to specify an IP address that is visible from the outside. We'll use a FileZilla Server FTP server as an example to illustrate our point: | ||
| 110 | |||
| 111 | [[image:ftp(s)_fr_html_d3a33387067e1ebb.png||queryString="width=554&height=386" data-xwiki-image-style-alignment="center" height="386" width="554"]] | ||
| 112 | |||
| 113 | = FTP mode over TLS{{id name="TLS"/}} = | ||
| 114 | |||
| 115 | To work with a secure FTP server (FTPS), you need to select the required protocol in the configuration settings: | ||
| 116 | |||
| 117 | Source : [[www.attachmate.com>>path:/xwiki/bin/create/www/attachmate/com/WebHome?parent=Digdash.deployment.Document_managers.ftps.WebHome]] | ||
| 118 | |||
| 119 | * **Explicit FTP mode over TLS**: By default, the FTP client establishes SSL/TLS connections using explicit security. To establish the SSL connection, explicit security requires the FTP Client to send a specific command (AUTH TLS) to the FTP server after establishing a connection. If the server responds correctly, the client begins TLS negotiation. The PE port used is that of the FTP server (21 by default). | ||
| 120 | * **FTP mode implicit on TLS**: When you select Implicit SSL/TLS connection, the FTP Client uses implicit security. Implicit security automatically starts with an SSL connection as soon as the FTP Client connects to the server. No AUTH TLS command is sent before TLS negotiation. | ||
| 121 | |||
| 122 | By default, the FTP Client uses port PI = 990 for implicit connections. | ||
| 123 | |||
| 124 | = Possible actions{{id name="Actions"/}} = | ||
| 125 | |||
| 126 | You can use the **File Manager** to take action on the files on the FTP(S) server. | ||
| 127 | See the page[[ File Manager>>doc:Digdash.user_guide.studio.managers.Files.WebHome]] page for more details. |