FTP setup for Ubuntu 14.04 - vsftpd or proftpd ?


I have an Ubuntu 14.04 deployed on my droplet. I’m using it for running multiple websites (one of which is written in core-php and other are Joomla! based). Now, on each website, there are options for visitors to register and submit posts and add attachments to their posts.

While uploading these files, the code uses FTP layer for uploads. I don’t want users to upload files through browser but utilize FTP layer. Although it may look like uploading from browser to a usual user but on backend, the application should utilize FTP for uploads.

Now my questions are:

  1. Primary objective to install FTP daemon on m y droplet is to allow file uploads by website visitors over FTP and not through web-browser. Which option is safer and better - vsftpd or proftpd?

  2. While FTP is not a recommended solution, is there a way to allow such file uploads on SFTP? If yes, then how can it be achieved through Joomla! and on a core-php code?

  3. If I use FTP for uploads, but restrict such FTP requests to my server IP, then would it work? And if it would, then is it a good solution to prevent unauthorized server access through FTP?

  4. If I use FTP, then I have to keep port 21 open in UFW. Although I may restrict user access to certain directory (chroot) and also disallow user from any other IP than the server itself, still port 21 is open. How to ensure that no intrusion happens while the port in open?

– Regards Saurabh

Show comments

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.


No reply??? I mean no one??

Anyways, I chose proftpd over vsftpd…and took some additional security measures like:

a. Changed FTP port number in proftpd configuration

b. Installed fail2ban, Tripwire & ufw

c. Disabled root

Now my queries is: Can I use SFTP for uploads? Here uploads refers to - <uploading an image for their profile>, <‘doc’ files for sharing> etc… by registered users of my websites. If yes, then is it enabled just as same as we enable FTP uploads in Joomla! and core-php?

– Regards Saurabh