Manage FTP connections

This applies to forward proxy configurations only.

Caching Proxy proxies requests for FTP URLs to the appropriate FTP server, but it cannot be used to proxy requests from an FTP client. It can support only those FTP requests received from an HTTP client (using the ftp:// protocol scheme).

Only the GET, PUT, and DELETE methods are supported for requests for FTP files. Only the GET method is supported for requests for FTP directory listings. By default, PUT and DELETE are disabled in Caching Proxy. For more information, refer to Enable HTTP/FTP methods.

This topic describes how to protect FTP files and manage FTP server login, directory paths, and chaining.

Protect FTP files

If you have enabled the PUT method for FTP file uploading or the DELETE method for FTP file deletion, you need to define FTP proxy protection for at least PUT and DELETE requests, to prevent unauthorized file updating at your FTP server.

To protect the proxying of FTP requests, in the Configuration and Administration forms, select Server Configuration -> Document Protection. To create a protection setup for FTP file requests, include ftp:// at the beginning of the request template. For example, to protect files in a directory named exams, use the template ftp://exams/*.

For more information on creating protection setups, see Server protection setups.

Manage FTP server login

If no user ID and password is specified in the request URL, Caching Proxy attempts to log into the requested FTP server anonymously (using the user ID ANONYMOUS). Many FTP servers require an e-mail address as the password for anonymous FTP. If the FTP server asks for a password for the anonymous login, Caching Proxy sends the e-mail address specified by the WebmasterEmail directive in the configuration file.

To set the Webmaster e-mail address in the Configuration and Administration forms, select Server Configuration -> System Management-> SNMP MIB. The e-mail address can also be set by using the WebmasterEmail directive; for details, see the reference section: WebMasterEMail -- Set an e-mail address to receive select server reports.

If the FTP server in the request URL requires a specific user ID and password to log in, users can enter the user ID and password in the request URL, for example:

ftp://userid:password@ftpserverhost/ 

If you do not want to specify the password for the FTP user ID in the request URL, users can enter only the user ID in the URL: ftp://userid@ftpserverhost. Caching Proxy first attempts to log into the FTP server with the specified user ID and no password. If the login is unsuccessful without a password, then the browser prompts for the password associated with the specified user ID.

For logins other than anonymous, at least the user ID must be specified in the URL. If the user ID is not specified, then anonymous login is attempted and the client is not prompted for the user ID.

Manage FTP directory paths

You must specify to Caching Proxy whether you want the path names in FTP URLs to be interpreted as relative to the user's working directory or relative to the root directory. For example, if a user who is logged into an FTP server has a default working directory called /export/home/user1 and wants to retrieve a file called test1.exe from a subdirectory called test, the proxy uses the following URLs to retrieve the file from the FTP server, depending on how FTP URLs are interpreted:

If relative FTP URL paths are set, users can still specify an absolute path name by using the convention of escaping the initial slash character (/) with %2F to indicate the root directory. For example, if user1, whose working directory is /export/home/user1, wants to access a file in user2's working directory, /export/home/user2, the request ftp://user1:user1pw@FTPhost/%2Fexport/home/user2/file is interpreted correctly as a URL relative to the root directory / (that is, as an absolute path name), even if relative FTP URL path names have been chosen.

To specify how FTP URLs are to be interpreted, in the Configuration and Administration forms, select Proxy Configuration -> Proxy Performance. In the lower portion of the form, under FTP URL paths should be:, select absolute paths to specify the server's root directory or relative paths to specify the user's working directory as the start of the path.

This setting can also be changed in the proxy configuration file; for more information, see FTPUrlPath -- Specify how FTP URLs are interpreted.

Manage FTP chaining

If you are chaining multiple Web proxy servers together, you can specify that requests containing FTP URLs are to be sent to a chained Web proxy server rather than directly to the FTP server. To specify a chained proxy server for FTP requests, in the Configuration and Administration forms, select Proxy Configuration -> Proxy Chaining and Non-Proxy Domains. The http:// protocol scheme is used to specify the URL of the chained proxy, even when chaining requests for an ftp:// protocol scheme.

To configure FTP chaining by using the proxy configuration file, see the reference section on ftp_proxy -- Specify another proxy server for FTP requests.