FTP (channel)
Settings
(1) Allowed subtypes: The allowed subtypes are 'normal' FTP and implicit and explicit FTPS. FTPS is an extension of FTP that also provides encryption over TLS and SSL for security. Implicit and explicit are two different methods of establishing this additional layer of security during connection setup. If one of the two FTPS options is selected, certificates for encryption can be selected in further fields ("Local Certificates" and "Partner Certificates").
(2) User directory (local): The user directory (or home folder) of the user of this FTP channel. See also (3).
(3) Do not create user directory again: If this checkbox is set, the user directory (and subdirectories, see "subdir.properties") is not created again when saving the channel. Note: The user directory is created when the channel is created, i.e. the first time it is saved. The checkbox is only visible if the channel already existed, i.e. not when it is created. If the checkmark is removed and the channel saved, the directory will be created again, but afterwards the checkmark will be set again automatically.
(4) Allow virtual user directory: If this checkbox is set, the user cannot change to a directory outside (i.e. above) of the home folder. This is the default setting. The setting should only be changed in justified exceptional cases. In the current implementation of the FTP server, it is not possible to change to a directory outside of the home folder anyway. However, if the basis of the implementation changes in the future, this might no longer be ensured, so this setting is available.
(5) Reuse SSL session for FTPS: This option may enhance performance if it prevents multiple SSL connection setups.
(6) Define event exceptions: Opens a dialogue for editing the file ./etc/admin/datawizard/ftp_user_rules.properties. In this file, you can specify that all uploads of a given user or even uploads to individual directories of a user are not perceived as an event. The administrator is then responsible for copying/deleting the files. This setting is especially relevant for the operation of a DMZ server.
#Sample for user ftp (to be excluded entirely)
ftp
#Sample for user ftp, exclude path "dir1", "dir2" and "dir3/sub" under home of user
ftp=dir1;dir2;dir3/sub;dir4/*
Notes:
If there is only a username specified in a line, all events for this user are excluded.
If directories are specified, no placeholders or regular expressions are allowed. The only exception is "*" (see next note).
If a directory is specified, exclusions of events apply only to this directory, not to its subdirectories. But if "*" is used, all subdirectories are excluded. For "dir4/*" that is "dir4/sub1" and also "dir4/sub2", as well as "dir4/sub2/sub3", etc. Note: Specifications like "dir4/Orders*" are not possible.
(7) Connection test: Tests if the outgoing FTP connection can be established.
(8) Whitelist, Blacklist: Allows certain client IPs/URLs to be explicitly enabled (whitelist) or disabled (blacklist). Both the whitelist and blacklist are evaluated. If an address is present on both lists, the blacklist takes precedence.
Access rights
The access rights for the user can optionally be managed here. The rights to "read", "write", "create" and "delete" files and folders can be assigned. The specification of the path is always relative to the home folder, see (2).
Note: The user rights that are defined here refer to the user of our FTP server that is defined on the page Partner ID (Partner towards me).
Note: The folders defined here are also created with the corresponding access rights. See (2) and (3).
Order of access rights
Regardless of the order in which the rules are generated and stored, internally, they will be sorted alphabetically in descending order, as you can see in the screenshot above. This is because the first matching rule in the list is used to read the access rights of a user to a particular folder.
So if a user were in the subfolder /ftp/in of the user home folder and the first rule in the list were /ftp, then this rule would be used. If the rule / were the first in the list, then it would be used. Sorting thus ensures that the most specific available rule is always used. If that were not the case and the rule / were the first in the list, then only this rule would be used and never any others.
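The ordering described above, as an added Python illustration (not the product's own code): rules are sorted alphabetically in descending order and the first match wins, compared with the same rules evaluated unsorted. The sample rules and rights are constructed, and matching on whole path components is an assumption, since the page only says "first matching rule".

```python
# Added illustration, not the FTP server's implementation.
# Assumption: a rule matches a folder if the rule path equals the folder
# or is one of its parent folders (compared per path component).

def rule_matches(rule, path):
    """True if `path` is the rule's folder or lies below it."""
    rule_parts = [p for p in rule.split("/") if p]
    path_parts = [p for p in path.split("/") if p]
    return path_parts[:len(rule_parts)] == rule_parts


def sort_rules(rules):
    """Order rules as the page describes: alphabetically, descending."""
    return sorted(rules, key=lambda r: r[0], reverse=True)


def first_match(ordered_rules, path):
    """Return (rule, rights) of the first rule in list order that matches."""
    for rule, rights in ordered_rules:
        if rule_matches(rule, path):
            return rule, rights
    return None  # no rule covers this folder


# Constructed sample rules, entered with the least specific rule first.
RULES = [
    ("/", {"read"}),
    ("/ftp", {"read", "write"}),
    ("/ftp/in", {"read", "write", "create", "delete"}),
]

if __name__ == "__main__":
    ordered = sort_rules(RULES)
    print("internal order:", [rule for rule, _ in ordered])
    for folder in ("/ftp/in", "/ftp/in/orders", "/ftp/out", "/other"):
        with_sort = first_match(ordered, folder)
        without_sort = first_match(RULES, folder)  # "/" shadows the rest
        print(f"{folder:16} sorted -> {with_sort[0]:8} "
              f"unsorted -> {without_sort[0]}")
```

Because a parent path is always a string prefix of its subfolders, it sorts after them in descending order, so the longest matching rule is always reached first.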