Home
Contents

Femitter HTTP/FTP Server manual
Prev Page Next Page
 


Help index
Configuring Windows Firewall
Managing users and user groups
HTTP server configuration
FTP server configuration
URL redirection service
Settings
Monitoring server activity
FAQ
User Licence Agreement

Managing users and user groups

Femitter Server has a powerful engine for allowing access to authorized users and disconnecting unneeded ones without forcing you to deal with numerous configuration files.

Group is a set of permissions, it specifies what a user belonging to this group is allowed to do on your server. Any group may be assigned to unlimited number of users. You may create as many groups as you need.

User is a single entity. Every user has his login and password. Every user belongs to a certain group which describes his permissions (rights) on the server. You don't have to specify the rights for every user, because it's too long and boring. Just create several groups with the most common permissions (Administrators, Trusted Users, Users), and assign any of these groups to new users.

If you run a "Public HTTP server" or "Public FTP server", you don't need to create users or groups because the access is available to anyone. The behavior of users in such public mode is subject to the settings of the "Default" group. You cannot delete this group, but you can change its permissions.

Groups.

Creating a new group.

To create a new group, enter its name in the edit field and press [Add/Update] button. If a group with this name already exists, it will be updated.

Updating an existing group.

To update a group, select its name from the dropdown listbox, change the permissions and press [Add/Update] button.

Deleting a group.

To delete a group, select it from the dropdown listbox and press [Delete] button. Note: you cannot delete "Default" group.

Group permissions (rights).

Allow HTTP access: if checked, users from this group will be able to connect to your HTTP server.

Allow FTP access: if checked, users from this group will be able to connect to your FTP server.

HTTP file upload policy:

  • Deny any upload attempts: users may not upload files to your system.
  • Allow limited upload: users may only upload files to a specified folder.
  • Allow upload to any folder: users may upload files to any folder (not recommended for security reasons).

FTP file upload and make directory policy:

  • Deny any upload attempts: users may not upload files to your system.
  • Allow limited upload: users may only upload files within a specified folder. They may also create subfolders in this folder and upload files to these subfolders.
  • Allow upload to any folder: users may upload files to any folder (not recommended for security reasons).

FTP delete and rename operations:

  • Deny all attempts: users may not rename or delete folders and files.
  • Allow in limited upload folder: users may rename or delete files and subfolders within a specified folder.
  • Allow everywhere: users may delete or rename all files, folders and subfolders in the ftp root folder (not recommended for security reasons).

Specific HTTP root: while other users will see the root folder specified in the HTTP settings, every group may have its own root folder for browsing.

HTTP limited upload folder: override the limited upload folder specified in the HTTP settings (for this group only).

Specific FTP root: override the ftp root folder specified in the FTP settings (for this group only).

FTP limited upload folder: override the limited upload folder specified in the FTP settings (for this group only).

SECURITY WARNING: FTP and HTTP servers can work simultaneously, so you should be careful when you assign permissions to your users. For example, if you set the HTTP root folder to "e:\wwwpub" because you don't want the users to see "c:\secret", and then you set FTP root folder to "e:\" this makes no sense, because although users will not be able to see "c:\secret" from web browsers, they will see it from FTP browsers. You should also avoid situations when you set less rights to some users to prevent them form seeing some files, and give more rights to anonymous (Default) users. This may make smart registered users use the anonymous account to gain access to the data that they shouldn't see.

Users.

To create a new user, follow these steps:

  1. Select a group for the new user (see Group manager part).
  2. Enter a user name in the edit field (see Add a user part). The name should contain Latin letters only.
  3. Press [Add/Update] (see Add a user part).
  4. In a new dialog window, enter a password for this user. Note: once the password is entered, you cannot see it again.

To change the password of an existing user or to assign new permissions to him, follow these steps:

  1. Select the user using the dropdown listbox (see Add a user part).
  2. Select another group with the required permissions using the dropdown listbox (see Group manager part).
  3. Press [Add/Update] button (see Add a user part).
  4. Enter a new password for the user. Note: once the password is entered, you cannot see it again.

To delete a user, follow these steps:

  1. Select the user using the dropdown listbox (see Add a user part).
  2. Press [Delete] button (see Add a user part).

To see the list of all users, their permissions and dates when they last accessed...

... just press [Show all users] button. You may also delete users form this list by pressing [Del] key on your keyboard.

Banning users by IP.

This feature may be useful when using the public HTTP or FTP access. Some users have no sense of proportion: they can download everything from your server twenty-four hours a day, thus reducing the performance of the server and limiting other users from accessing the required information easy and fast. Such users may be placed to the ban list and thus they will not be able to access your server. To ban a user, you can enter his IP manually in the edit field and press [Ban] button or ban the user directly from the Status tab.

  • For HTTP sessions, the ban becomes active on the next document request.
  • For FTP sessions, the ban becomes active on the next user login.

To disconnect the user immediately, you can select him in the Status tab and press [Disconnect] button.