How to set up an FTP server on a home computer.
Table of Contents
- Install the FTP Server
- Setup User Account
- Configure the FTP Server
- Test the FTP Server
- Other FTP Servers
This tutorial explains how to set up an FTP server on a home computer running Windows. I'm going to make a lot of broad statements, I know there are exceptions/technicalities. For the sake of simplicity, pretend they're true. I've tried to make this guide as simple as possible. The problem is, setting up and FTP server can become complicated. In this guide I will cover the necessary steps and provide brief explanation of what each step does. If you require a more in depth explanation, I have included some useful links to relevant sites within each step of this guide. I'm going to assume you understand the following terms: Port, FTP, FTP client, and FTP server. If you don't, read on.
A port is an opening on your computer that data can pass through, your computer has over 63,000 of them. When a computer sends data to another computer it must know which port to send it through because some ports are associated with specific programs (i.e. HTTP is associated with port 80) and some ports are closed and won't accept incoming data.
FTP stands for "File Transfer Protocol". It's a way for two computers to transfer large files back and forth. It's different from HTTP, the protocol your web browser uses, because HTTP is designed to move small files fast. FTP is commonly run on two ports, 20 and 21. Port 21 is the referred to as the "command port", this port handles the commands that pass between the FTP client and the FTP server. Port 20 is the "data port", this port handles the transfer of data (the actual file, directory listings, etc.) between the client and the server. If the FTP client is connected in passive mode, the data port can change from 20 to another port that the server specifies (more on passive mode later).
An FTP client is what you use to download files from an FTP server. The FTP client initiates the connection to the FTP server. An FTP client cannot set up user accounts and cannot serve files to other FTP clients.
An FTP server is what you use to serve or upload files to computers with FTP clients. The FTP server doesn't initiate connections, the FTP client does that. The FTP server is where you set up user account and specify which files those accounts can access. Essentially, the purpose of an FTP server is to serve files to the FTP client.
First, you need to install an FTP server on your computer. I recommend Filezilla Server, it's fast, reliable, secure, and is under active development. If you want to try another FTP server, there is a list at the bottom of the page. However, this guide is based on Filezilla FTP server (although the same concepts apply).
Install Filezilla FTP Server. During the installation, I recommend you do the following...
- Make sure the "create start menu icons" option is checked. These shortcuts will be useful later on for stopping and starting the FTP server and the server interface.
- When it says "Please choose how Filezilla FTP Server should be started", I suggest you choose "Install as service, started manually". Don't use the default selection unless you want the FTP server to start with Windows.
- When it says "Please choose how the server interface should be started", I suggest you choose "start manually". Again, don't use the default selection unless you want the server interface to start with Windows.
Once you have finished installation, Filezilla FTP Server and Filezilla Server Interface should start automatically. You should see a small window open that looks like this:
Keep these settings. The IP address, 127.0.0.1, is what's known as the local host IP address. This is a unique address that you shouldn't change. This IP address is necessary for the Filezilla Server Interface to connect to the Filezilla FTP server. Think of this number as the address the interface needs to find the FTP server. The server is located on the same computer as the server interface, so when the server interface starts, it knows to go to 127.0.0.1 (your computer) to find the FTP server. The port, 14147, is just a random port, leave it as it is, there's no reason to change it. Don't enter a password, you don't need one right now. Check the "Always connect to this server" box so you won't be prompted every time you start the server interface. Click OK and the Filezilla Server interface should open telling you you're logged on.
NOTE: It's important that you think of Filezilla FTP Server as two components. There is the Filezilla FTP Server (the actual FTP engine) and the Filezilla Server Interface. The Filezilla FTP Server must be started first. If you were to start the Filezilla Server Interface without starting the Filezilla FTP Server, you would see a screen like this:
What's happening in the above picture is Filezilla Server Interface is trying to access the Filezilla FTP Server, which is located on your computer (local host, 127.0.0.1). It keeps failing because the FTP server it's looking for isn't turned on.
If you want to start Filezilla FTP server, make sure you do it in the following order:
- Go to the shortcut in the start menu and click "Start Filezilla Server".
- Go to the shortcut in the start menu and click "Start Filezilla Server interface".
If you want to stop Filezilla FTP server, make sure you do the following:
- Close the Filezilla Server Interface.
- Go to the shortcut in the start menu and click "Stop Filezilla Server interface". You could also hit ctrl-alt-delete and stop it in the processes menu.
If you stop the server interface but don't stop the FTP server, users can still log on and download from you.
In order for people to connect to your FTP server, there must be a user account for them to connect to. Make sure the FTP server is running. Start the FTP server interface and click on the Edit menu and select User. The menu allowing you to set up user accounts will open. Click on the Add button on the far right of the menu. A small window will open up. Enter a username but don't make them a member of any group, then click OK. Choose any username you want, I chose to name this user "someuser". Now check the Password box and enter whatever password you want that user to have. When you're done, it should look like this:
Now click on the Shared Folders text which is located on the menu on the left side of the screen. The window will change to the section that allows you to specify which files on your computer the user account will have access to and what kind of privileges the user will have in that directory. Click the "Add" button toward the left side of the screen and select the directory you want to give the user access to. You can grant each user access to multiple directories by adding them one at a time. You will see a list of check boxes to the right of the directory listings. These are privileges you can give to the user. The choices are:
- READ: user can read/open files
- WRITE: user can upload files
- DELETE: user can delete files
- APPEND: user can pause and resume downloads
- CREATE: user can create directories
- DELETE: means the user can delete directories
- LIST: user can get a listing of directories and files
- +SUBDIRS: user can access subdirectories with the same privileges that are specified above
Keep the default settings on the right checked unless you want to allow the user to be able to delete files within or write to the assigned directory (you probably don't want to do this). When you're done, it should look like this.
In this example I have given the user access to the entire D drive. Now a user account is setup. On to configuration.
If you're behind a personal firewall...
If you're behind a firewall then you must allow outgoing and incoming connections to your FTP server on ports 20, 21, and 50000-50100. Ports 20 and 21 are the default FTP ports, ports 50000-50100 are used if the FTP client connecting to your server is in passive mode (I just chose ports 50000-50100 at random, you can pick any range of ports you want). If you have a personal firewall such as ZoneAlarm Pro, Sygate, or Outpost, you should see a window open notifying you that Filezilla FTP server is trying to connect to the Internet. Just click "Yes" or "Allow" and you don't have to worry about specifying ports. If you have a more complicated firewall you'll have to consult it's documentation to figure out how to do this.
If you're behind a router...
If you're behind a router or router/firewall you must set up port forwarding. Port forwarding is a way for unrequested information from the Internet side of the router to reach your computer on the internal network behind the router. Your router has the job of taking one IP address (the external IP address) and splitting it into many IP addresses (the internal IP address), one for every computer connected to it. When someone tries to connect to a computer behind a router, they send information to the external IP address (the router). That data is received by the router, which forwards it to the internal IP address (your computer). However, the person requesting a connection only knows the external IP address (the router), they don't know the internal IP address. So the router receives the information, but doesn't know which internal IP address to forward it to. Port forwarding fixes this. Port forwarding is your way of telling the router that any traffic it receives on a certain port (in this case ports 20, 21, and 50000-50100) should be forwarded to the internal IP address of your computer. If you're still lost, look at the diagram below or read a little more about it at portforward.com.
To set up port forwarding, you need your internal IP address (the address your router assigns your computer). Follow these instructions:
If using Windows 95/98/ME:
Go to the start menu, select run, type winipcfg and select your Internet adapter from the menu. Your IP address is shown in the "IP Address" field. If you're having trouble, go here for a more detailed explanation.
If using Windows NT/2000/XP:
Go to the start menu, select run, type cmd, and type ipconfig. Your IP address is shown in the "IP Address" field. If you're having trouble, you can find a more detailed explanation here.
Your internal IP address will probably be something like 192.168.X.XX. For demonstrative purposes, I will use 192.168.2.21 as my internal IP address. Now that you know your internal IP address, you can set up port forwarding. To do this you need to access the web interface of your router using your web browser. If you want instructions for your particular router, consult your manual or go to the router listings at portforward.com and find your router's instructions. I have a Belkin router so I access my routers web interface by typing 192.168.2.1 into the web address field of my web browser, hit enter and the web interface loads.
Once the web interface is loaded. Click on "Virtual Server" (circled in red above) and enter the following information.
You can enter anything you want in the description field. I entered "ftp" to remind myself and anyone else that logs onto the router what it is for. The inbound ports fields are the ports on the router. Specify ports 20, 21, (default FTP ports) and 50000-50100 (passive mode, more on this later). In the Type field you can specify TCP or UDP. Choose TCP since FTP doesn't use UDP. The private IP address is the internal IP address of your computer, enter the IP address you determined above. The private ports are the ports on your computer. Enter the same ports here as the inbound ports. You could enter a different range of ports for the private ports but this just unnecessarily complicates things. If you do this your router will be set up so that all traffic on port 20, 21, and 50000-50100 is directed toward your internal IP address. Click the "Apply Changes" button and log off.
WARNING: When you start your computer, the router may assign your computer a new internal IP address. If this happens you have to log back onto your router and enter the new internal IP address. If you don't feel like doing this every time you start your computer, you have to adjust Windows so that it always requests the same IP address from the router. You can find instructions on how to do this from our good friends at portforward.com.
Configure passive mode settings
When an FTP client connects to your server it has the option of connecting in active mode or passive mode. In active mode, the connection to send data from the FTP server to FTP client is initiated by the FTP server. In passive mode it's initiated by the FTP client. You can find a more in depth explanation of active and passive modes here. For the sake of keeping things simple, just realize that FTP clients connecting to your server can connect using active mode or passive mode. Your server will go into either active or passive mode depending on the mode the FTP client initiates. Since FTP clients vary between active and passive mode, you must configure your FTP server to handle both. If you've follow the instructions so far, your FTP server is ready to transfer files in active mode. To configure it to use passive mode, open up the server interface and click on Edit, then click Settings, and select Passive mode settings and the menu for configuring passive mode will appear.
If you're not behind a router make sure Default is selected and check the Use custom port range: box and enter 50000 and 50100 in the fields. When you're done, it should look like this:
Click OK and you're done.
If you are behind a router check the "Use the following IP:" selection and enter your internal IP address. Then check the "Use custom port range:" box and enter 50000 and 50100 in the fields. These are the ports that Filezilla FTP server will use to transfer data when it's in passive mode. When you're finished, it should look like this:
Click OK and you're done.
Now your FTP server is configured to connect to FTP clients using either active or passive mode.
Now test your FTP server. Either get someone with a FTP client to log onto your server or go to a remote computer and log on yourself. In order to log onto your FTP server the user must know the IP address, the username, and the password. You can get your IP address by going to whatismyip.com or whatismyipaddress.com. If you're behind a router, this is your external IP address. To connect to your FTP server the user must open their FTP client and enter your IP address into the host field and the username and password into their appropriate fields as shown here:
I've chosen 220.127.116.118 as the external IP address. Click connect and if you've set everything up correctly, the user should be able to log onto your FTP site.
WS FTP Server
Full featured high-end FTP server. Specifically designed for Windows platforms. Has many features including thumbnail viewing, drag-and-drop transferring, 128-bit SSL encryption, and auto-resuming of transfers. The price can range from $395.00 - $34.95 depending on the version.
Bulletproof FTP Server
Powerful yet simple FTP server. Suitable for business or home user. Similar features as WS FTP. You can get it for $34.95.
War FTP Daemon
Popular open-source, free FTP server. Probably one of the most developed open-source FTP clients available. There hasn't been a new release for a while, but development is still ongoing and a new release is expected soon.