# Help needed - FTP equivalent services of HTTP



## lemonadesoda (Feb 22, 2009)

We recently set up a simple client access to our project server using FTP. We used xlightftpd.com which is pretty good; it lets you set up very detailed access control by folder *and by filetype*. I can definitely recommend it as an FTP server... and free for basic use.

It fits our needs exactly. So that's the problem?

Two of our clients have lock-down corporate security and BLOCK all ftp access. So... they cannot access our FTP server.

Does anyone know of an "FTP-like" set of services I can run through a simple HTTP server. Essentially, an FTP over HTTP webpage type of screen would be useful. The simplest system I can find has a major flaw: access control.  The material in confidential, so we can not just publish it for everyone and anyone to access. It has to be username/password access protected.

Thanks in advance for any suggestions.


----------



## Deleted member 3 (Feb 22, 2009)

Are the default FTP ports blocked or is the protocol blocked? In the first case you could run the server on an alternate port.
Otherwise there are things like net2ftp, basically a web based ftp client.


----------



## lemonadesoda (Feb 22, 2009)

DanTheBanjoman said:


> Are the default FTP ports blocked or is the protocol blocked? In the first case you could run the server on an alternate port.


I think rather than port blocking there is port "approved". I would imagine that (at the client site with corporate lock-down) only internal server service ports are open, and externally, just port 80.  I dont think I can run FTP on port 80 without screwing up OUR own network! (We dont have multiple external IP addresses, just one, and port forwarding to manage services across different users/servers).



> Otherwise there are things like net2ftp, basically a web based ftp client.


I can get them to try that method, ie. log in via the net2ftp website.  For better security, I guess I need to install net2ftp on our servers? Shame it is just a client service, which means I have to sit it on top of a full HTTP server. Would be great to have a standalone, just like FTP server.


----------



## Deleted member 3 (Feb 22, 2009)

Effectively allowing a few ports or blocking all but a few is the same. Either way, if the protocol itself isn't blocked you can use another port, one that is allowed.

As for a "full http server", Apache or lighthttpd are small and use close to no resources in this scenario. Either way, you can first test it and see if it does the trick and if it does install it yourself.


----------



## lemonadesoda (Feb 22, 2009)

AGREED. While it is the same in practice, there is a management "philosophy" difference.

1./ BLOCK all ports except one or two that we allow, e.g. 80. That means, trying to find an alternative to 21 for FTP is going to be somewhat fruitless. All ports are blocked; and

2./ ALLOW all ports, except one or two that are blocked for security threats, like 21. That means finding an alternative like 8021 or 2121 is going to be easy. It is "still" open.

While early firewall might have implemented version 2, with P2P, everyone I know of (corporate lock-down) implements version 1.  Finding an alternate port (or discussing with IT department to open a port) isnt going to go anywhere fast.

Perhaps I need to look into hosting (via lighthttpd - thanks) a simple groupware product that has a filehosting feature so I can just drop files into a folder on the server... and they get served up over HTTP.

Thanks for your thoughts so far... problem with groupware is the security access issue. Typically, (unless implementing something serious and expensive), access control lists are someone limited in function/feature.  The xlightftpd.com FTP server really worked well. I will try getting the clients to use net2ftp. If it works, I'll migrate a copy to our server.


----------

