Microsoft IIS 10.0 – Creating, securing, and configuring an FTP site

How to configure nginx for Magento 2

In this recipe, we will create an FTP site and create an FTP site binding. We will discuss how to set up SFTP (Secure FTP). We will also see how we can add an SSL certificate to our FTP site to make it secure and create a basic FTP site with anonymous access. We will overview the properties of the FTP site.

Getting ready

To step through this recipe, you will need a running Windows Server 2016 instance with IIS 10.0 and FTP server installed. You should also have administrative privileges.

How to do it…

  1. Log in to Windows Server 2016 with an administrator account.
  2. Open Server Manager.
  3. You have to click on Tools and go to IIS Manager. Open IIS Manager, and right-click on WIN2016IIS, as shown here:
  1. Click on Add FTP site, and you will get the FTP Site Information window, as shown here:
  1. We’ve added an FTP site called myftp. Select the local default ftproot folder, C:\inetpub\ftproot. You can also create your own folder anywhere on the server. Click on Next, and you will get the Binding and SSL Settings window, as shown here:
  1. Here, you can provide a dedicated IP address for the FTP site. We are keeping it at the default All Unassigned and default port 21 (you can also create a custom port number for the FTP site if you need, but you need to configure a firewall rule for the custom port).



  1. Here, we can secure the website. You have the options No SSL, Allow SSL, and Require SSL. Let’s select the default option Require SSL:
  1. Now you can see that we get all our previously created SSL certificates listed. If you need a secure FTP site, you can select any one of the SSL certificates and use the following steps to create an SSL FTP site. We will go ahead with the No SSL option. After selecting the No SSL option, click on Next. You will get the Authentication and Authorization Information, as shown here:
  1. Let’s select Anonymous authentication and Anonymous user authorization and provide permissions to Read and Write. Now an anonymous user can download and upload files on FTP. Click on Finish.
When you create an FTP server with anonymous access, it means your FTP site is unsecured, and anyone can get access to it.

I recommend you never create any FTP site with anonymous access; unauthorized users can harm your FTP server. FTP servers, whether configured over secure or normal protocols, must be restricted at least to allow only authorized user access.

  1. Let’s go to IIS Manager. Expand the Sites folder, and you will see the myftp site created:
  1. Go to the Actions pane of the myftp site and click on Bindings. You will get the bindings window, as shown here:
  1. Click on Type: dropdown in the Add Site Binding window, and you will see that we have options to select http, https, and ftp. You can set the site binding to ftp if you have an existing site.
  2. The basic properties are the same as the website properties, which we discussed in earlier chapters. Click on the Advanced Settings… option, and you will get the Advanced Settings… window, as shown here:
  1. You need to set the connection properties here. You can create more specific connections if you want to, but we’ll keep it default. Click on OK to close the Advanced Settings… window of the myftp site.

How it works…

In this recipe, we created the FTP site myftp. We made an FTP site binding and discussed custom bindings. We discussed how to set up SFTP (Secure FTP) and how an SSL certificate can be added to an FTP site to make it secure. We created a basic FTP site called myftp with anonymous access. We had an overview of the properties of the FTP site.

Comments are closed.