VPS: Configuring FTP and Multiple Websites
--------------------------Configuring FTP-------------------------
Source: https://www.howtoforge.com/tutorial/proftpd-installation-on-debian-and-ubuntu/
Run the following commands in order [shaded text is explanation]
apt-get update && apt-get upgrade
apt-get install apache2 apache2-doc apache2-utils
apt-get install proftpd openssl
Select standalone and press Enter
Check the version: proftpd -v
The following creates a group and a user named albert whose home directory is /var/www/albert/:
addgroup ftpgroup
adduser albert -shell /bin/false -home /var/www/albert
Output:
root@vultr:~# adduser albert -shell /bin/false -home /var/www/albert
Adding user `albert' ...
Adding new group `albert' (1002) ...
Adding new user `albert' (1001) with group `albert' ...
Creating home directory `/var/www/albert' ...
Copying files from `/etc/skel' ...
Enter new UNIX password: <-- enter the password; note that it is not echoed
Retype new UNIX password: <-- enter the password again
passwd: password updated successfully
Changing the user information for albert
Enter the new value, or press ENTER for the default
Full Name []: Albert Feng <-- personal information
Room Number []:
Work Phone []:
Home Phone []:
Other []:
Is the information correct? [Y/n] Y <-- type Y and press Enter
root@vultr:~#
Add the user to the ftpgroup group:
adduser albert ftpgroup
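Change the permissions on the user's directory (mode 777 makes the whole tree world-writable; adduser has already made albert the owner of this directory):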
chmod -R 777 /var/www/albert/
Configure proftpd:
nano /etc/proftpd/proftpd.conf
Make the following changes to the file:
[...]
UseIPv6 off
[...]
<Global>
  RootLogin off
  RequireValidShell off
</Global>

DefaultRoot ~

<Limit LOGIN>
  DenyGroup !ftpgroup
</Limit>
Restart the service:
service proftpd restart
Sometimes an error is reported:
root@vultr:~# service proftpd restart
[ ok ] Stopping ftp server: proftpd.
[....] Starting ftp server: proftpdvultr.guest proftpd[3697]: mod_tls/2.4.3: compiled using OpenSSL version 'OpenSSL 1.0.1e 11 Feb 2013' headers, but linked to OpenSSL version 'OpenSSL 1.0.1t 3 May 2016' library
vultr.guest proftpd[3697]: mod_sftp/0.9.8: compiled using OpenSSL version 'OpenSSL 1.0.1e 11 Feb 2013' headers, but linked to OpenSSL version 'OpenSSL 1.0.1t 3 May 2016' library
vultr.guest proftpd[3697]: mod_tls_memcache/0.1: notice: unable to register 'memcache' SSL session cache: Memcache support not enabled
. ok
If the error above appears, simply run
nano /etc/proftpd/modules.conf
and comment out the line LoadModule mod_tls_memcache.c; that resolves it.
At this point the FTP server is set up. Next, enable TLS:
nano /etc/proftpd/proftpd.conf
Uncomment the line Include /etc/proftpd/tls.conf
Back up /etc/proftpd/tls.conf, then empty it:
cp /etc/proftpd/tls.conf /etc/proftpd/tls.conf_orig
cat /dev/null > /etc/proftpd/tls.conf
nano /etc/proftpd/tls.conf
Then open /etc/proftpd/tls.conf and write the following into it:
<IfModule mod_tls.c>
  TLSEngine on
  TLSLog /var/log/proftpd/tls.log
  TLSProtocol SSLv23
  TLSOptions NoCertRequest
  TLSRSACertificateFile /etc/proftpd/ssl/proftpd.cert.pem
  TLSRSACertificateKeyFile /etc/proftpd/ssl/proftpd.key.pem
  TLSVerifyClient off
  TLSRequired on
</IfModule>
Then generate the SSL certificate in the /etc/proftpd/ssl directory:
mkdir /etc/proftpd/ssl
openssl req -new -x509 -days 365 -nodes -out /etc/proftpd/ssl/proftpd.cert.pem -keyout /etc/proftpd/ssl/proftpd.key.pem
Output:
root@vultr:~# mkdir /etc/proftpd/ssl
root@vultr:~# openssl req -new -x509 -days 365 -nodes -out /etc/proftpd/ssl/proftpd.cert.pem -keyout /etc/proftpd/ssl/proftpd.key.pem
Generating a 2048 bit RSA private key
.........................+++
...............+++
writing new private key to '/etc/proftpd/ssl/proftpd.key.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:CN
State or Province Name (full name) [Some-State]:HeBei
Locality Name (eg, city) []:LangFang
Organization Name (eg, company) [Internet Widgits Pty Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or YOUR name) []:
Email Address []:sesxuelan@gmail.com
root@vultr:~#
For security, make the certificate key file read-only:
chmod 0440 /etc/proftpd/ssl/proftpd.key.pem
Restart the service:
service proftpd restart
That completes the configuration; you can now connect with an FTP client.
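As an added example (not part of the original post or the HowtoForge tutorial), the following shell function checks a tls.conf for the three settings that decide whether sessions are actually protected: TLSEngine, TLSRequired and the TLSProtocol list. The function names and the sample file are constructed here; SSLv23 is flagged because it is mod_tls's compatibility mode, which still allows SSLv3.

```shell
#!/bin/sh
# Added example (not from the original post): flag weak settings in a ProFTPD tls.conf.

# Print the arguments of directive $2 in file $1 (name matched case-insensitively,
# "#" comments stripped).
directive_args() {
    awk -v d="$2" '{ sub(/#.*/, "") }
        tolower($1) == tolower(d) { $1 = ""; sub(/^[ \t]+/, ""); print }' "$1"
}

# Print one finding per line; return 1 if there is at least one finding.
# Simplification: if a directive is repeated, only its last value is examined.
audit_tls_conf() {
    rc=0
    engine=$(directive_args "$1" TLSEngine | tail -n 1 | tr 'A-Z' 'a-z')
    required=$(directive_args "$1" TLSRequired | tail -n 1 | tr 'A-Z' 'a-z')
    [ "$engine" = "on" ] || { echo "TLSEngine is '${engine:-unset}', not on"; rc=1; }
    # Any value other than "on" does not require TLS on both channels.
    [ "$required" = "on" ] || { echo "TLSRequired is '${required:-unset}', not on"; rc=1; }
    # Only explicitly listed protocol names are checked.
    for proto in $(directive_args "$1" TLSProtocol | tail -n 1); do
        case $proto in
            SSLv23|SSLv3|TLSv1|TLSv1.1) echo "TLSProtocol enables legacy $proto"; rc=1 ;;
        esac
    done
    return $rc
}

# Constructed sample: the tls.conf written in the steps above.
page_tls_conf() {
    cat <<'EOF'
<IfModule mod_tls.c>
  TLSEngine on
  TLSLog /var/log/proftpd/tls.log
  TLSProtocol SSLv23
  TLSOptions NoCertRequest
  TLSRSACertificateFile /etc/proftpd/ssl/proftpd.cert.pem
  TLSRSACertificateKeyFile /etc/proftpd/ssl/proftpd.key.pem
  TLSVerifyClient off
  TLSRequired on
</IfModule>
EOF
}

tmp=$(mktemp)
page_tls_conf > "$tmp"
audit_tls_conf "$tmp" || echo "review the findings above before exposing the server"
rm -f "$tmp"
```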
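--------------------------Configuring Multiple Websites------------------------
On Debian and Debian-based Linux distributions, Apache's default configuration files are installed under /etc/apache2/.
That directory contains the following subdirectories:
mods-available    modules that can be used
mods-enabled      modules that are enabled
sites-available   site configurations that can be used
sites-enabled     site configurations that are enabled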
nano /etc/apache2/apache2.conf
Make the following changes:
KeepAlive Off
...
<IfModule mpm_prefork_module>
  StartServers 4
  MinSpareServers 20
  MaxSpareServers 40
  MaxClients 200
  MaxRequestsPerChild 4500
</IfModule>
Disable the default site:
a2dissite default
Each website needs its own configuration file in /etc/apache2/sites-available/:
touch /etc/apache2/sites-available/canyoukiss.me
nano /etc/apache2/sites-available/canyoukiss.me
Then write the following into it:
<VirtualHost *:80>
  ServerAdmin webmaster@example.com
  ServerName canyoukiss.me
  ServerAlias ss.canyoukiss.me
  DocumentRoot /var/www/albert/
  ErrorLog /var/log/canyoukiss.me/error.log
  CustomLog /var/log/canyoukiss.me/access.log combined
</VirtualHost>
Create the corresponding directories:
mkdir /var/log/canyoukiss.me/
mkdir -p /var/www/albert/
Enable the site:
a2ensite canyoukiss.me
service apache2 restart
Configure hosts:
nano /etc/hosts
Write the following into it:
45.32.xx.xx canyoukiss.me <-- 45.32.xx.xx is the server's public IP
For additional websites, repeat the steps above.
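A scripted form of the per-site steps, as an added example that is not from the original post: it renders one vhost file per site into a scratch directory, rejects site names that are unsafe to reuse in file paths, and counts world-writable entries under a document root. The function names, the scratch directory and the second site (example.org) are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the original post): stage one vhost file per site.

# Accept only plain lower-case host names; the name is reused in file paths
# (sites-available/<name>, /var/log/<name>/), so "/" or ".." must never pass.
valid_domain() {
    case $1 in
        ''|*[!a-z0-9.-]*|.*|*.|-*|*-|*..*|*.-*|*-.*) return 1 ;;
        *.*) return 0 ;;
        *) return 1 ;;
    esac
}

# Print the vhost block for domain $1 served from docroot $2.
render_vhost() {
    cat <<EOF
<VirtualHost *:80>
    ServerAdmin webmaster@example.com
    ServerName $1
    DocumentRoot $2
    ErrorLog /var/log/$1/error.log
    CustomLog /var/log/$1/access.log combined
</VirtualHost>
EOF
}

# Read "domain docroot" pairs on stdin; write <prefix>/sites-available/<domain>.
# The name is validated before it is used in the redirect target.
stage_sites() {
    mkdir -p "$1/sites-available" || return 1
    while read -r domain docroot; do
        valid_domain "$domain" || { echo "rejected: $domain" >&2; return 1; }
        render_vhost "$domain" "$docroot" > "$1/sites-available/$domain"
    done
}

# Count world-writable entries under docroot $1, e.g. after a chmod -R 777.
world_writable_count() {
    find "$1" ! -type l -perm -0002 | wc -l | tr -d ' '
}

# Demo in a scratch directory; example.org and its docroot are constructed input.
stage=$(mktemp -d)
printf '%s\n' 'canyoukiss.me /var/www/albert/' 'example.org /var/www/example/' |
    stage_sites "$stage" && ls "$stage/sites-available"
```

After reviewing the staged files, copy them to /etc/apache2/sites-available/ and enable each site with a2ensite as shown above.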
Install PHP, MySQL and phpMyAdmin:
apt-get update
apt-get install php7.0 libapache2-mod-php
service apache2 restart
apt-get install mysql-server mysql-client
apt-get install phpmyadmin
service apache2 restart
You can then visit canyoukiss.me/phpmyadmin to manage MySQL.