Question

Using a domain to connect to the server via FTP instead of the ip.

Posted December 7, 2016 5.5k views
DigitalOcean Ubuntu 16.04

Hey, so I am running an Ubuntu 16.04 server with vsftpd installed according to this tutorial. Everything works fine and I can upload files using an ftp client.

However I would like to use one of my domains instead of the IP in the ftp client to connect to the server.

I am using the digital ocean name server with basically all default settings. My domain points to the server IP.

On my server I am running docker and an nginx proxy. This proxy redirects the incoming traffic to an upstream e.g. a nodejs server (also docker).

The nginx config is the following:

server {
    server_name ~. ;
    listen 80;
    listen [::]:80;
    # config for .well-known
    include /etc/nginx/includes/letsencrypt.conf;

    location / {
        return         301 https://$host$uri;
    }
}

# Redirect all www to non-www
#
server {
    listen 80;
    listen [::]:80;
    server_name "~^www\.(.*)$" ;
    return 301 https://$1$request_uri;
}

# Redirect https www to non-www
#
server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name www.domain.com;
    ssl_certificate /etc/letsencrypt/live/www.domain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/www.domain.com/privkey.pem;
    return 301 https://domain.com$request_uri;
}
server {
    server_name domain.com;
    ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem;

isten 443 ssl http2;
listen [::]:443 ssl http2;

# access_log
access_log            /var/log/nginx/access.log;
# proxy_pass config
location / {
    # include proxy presets
    include /etc/nginx/includes/proxy.conf;
    proxy_pass              http://upstream$uri;
}
# general ssl parameters
include /etc/nginx/includes/ssl-params-with-preload.conf;

root         /var/www/html;
}

I am using the suggested FTP with SSL method in my ftp client.

Any idea what I am doing wrong? Thanks.

Add a comment
lukasoppermann
By:
lukasoppermann
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

2 answers
ryanpq December 7, 2016

Hey There. Thanks for posting here, this was not going to be easy to troubleshoot over social media. As we’ve already ruled out a service in front of your droplet like CloudFlare lets dig into this.

You mentioned that you can reach your droplet’s FTP service by using the IP address but not when using your domain. Can you share the domain name you’re having trouble with? If you’re not comfortable sharing it publicly you can include it in an email to me (ryan[at]digitalocean.com)

Reply Report
  • lukasoppermann December 7, 2016

    Hey, one domain for example is lukasoppermann.com

    Reply Report
    • ryanpq December 7, 2016

      I was able to confirm that that domain is resolving properly for me to the same IP address as your droplet. I then attempted an FTP connection on port 21:

      $ ftp lukasoppermann.com
Connected to lukasoppermann.com.
220 (vsFTPd 3.0.3)
Name (lukasoppermann.com:ryan):

      And it appears to be responding as expected there (from outside DO’s network). If your attempts are not getting that far there may be a cached DNS result that is causing the name to resolve incorrectly (though if this were the case web requests would likely go to the same place).

      While your individual web services are being run in docker, as I understand it vsftpd is installed directly on the droplet so it also wouldn’t be a port mapping issue.

      Are you getting a complete failure to connect to the service or a failure to authenticate?

      Reply Report
      • lukasoppermann December 7, 2016

        Yes, correct vsftpd is directly on the droplet.

        I am getting an authentication error.

        Hmm, all other domains work now. Maybe it is something to do with the ssl certificate?

        Reply Report
        • lukasoppermann December 8, 2016

          Further information:

          • I have 2 domains that use external name servers, they work fine.
          • I have one domain: lukas-oppermann.de which uses the digital ocean nameserver and works fine
          • I have 2 domains (lukasoppermann.de & lukasoppermann.com) which both use the digital ocean nameserver (same setup as for lukas-oppermann.de) but they do not work.

          The error I am getting is in transmit is:

          Could not connect to server “lukasoppermann.de”.

          Server said: Login incorrect.

          Your password may be incorrect. Please double-check your login settings.

          When using ftp -p domain.com I am getting this for both:

          Connected to domain.com.
          220 (vsFTPd 3.0.3)
          Name (domain.com:lukasoppermann): lukas
          530 Non-anonymous sessions must use encryption.
          ftp: Login failed

          Reply Report
Woet December 7, 2016

Why are you using FTP instead of SFTP?

Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help