Sign Up and Save!

Exclusive offers and helpful
tips from our monthly email
newsletter, AT&T InSite News.

Register | Update profile

Have Questions?

Call 1-888-944-0447 to speak with a representative.
Printer friendly

Frequently Asked Questions

Shared Hosting — File Transfer Protocol
(UNIX and Windows)

FAQ - File Transfer Protocol
Getting Started with FTP (UNIX and Windows)
The process by which files are transferred from your local computer to the web server is called "FTP" (File Transport Protocol). You have unlimited access via FTP 24-hours a day. As such, you can create and maintain your web pages on your own computer and upload files to your web site at your leisure. If your website software does not include FTP (upload) capabilities, or you do not use such software, you will need to use an FTP program to upload your files.

Some of our customers use the following FTP programs if they don't already have one on their computer. Since these FTP programs are provided by their respective owners, AT&T does not provide technical support for them. These programs are listed here for your reference:

Back to Top

Microsoft FrontPage Users
Customers with Microsoft FrontPage extensions installed on their sites should only use the FrontPage publishing feature to transfer files. Using regular FTP can corrupt the extensions, disabling the functionality of the FrontPage web and requiring that the site be deleted to reinstall the extensions.
Back to Top

Anonymous FTP Access (UNIX and Windows)
You can allow anonymous FTP access to visitors wishing to download or upload files to your web site as if you were running your own FTP server. You can enable (and disable) ANON FTP access within Edit Account Information within your account Control Panel. Just check (or uncheck) the Anonymous FTP Enabled box.

Security
Anonymous FTP will grant any and all users the ability to access your "upload" directory, or any directory on your domain that has been set for "public" read/write permissions. Anonymous users will have access to upload or download files to and from your domain. You must set the appropriate permissions for your directories to restrict anonymous FTP access. This is needed to ensure that anonymous users will not be able to access any existing files or directories. You can inhibit access to specific files and directories on our UNIX servers using the File Manger by disabling public read and/or write access to the files or folders you don't want people to see (i.e. cgi-local).

Responsibility
As the account owner, you are responsible for any and all files that are stored on your domain. This would include files that were uploaded by you as well as by anonymous FTP users. With the use of anonymous FTP, your site is susceptible of becoming a "warez" site. Typically, these are sites that are used by "hackers" to trade (upload/download) illegally pirated copies of software programs with one another. As the account owner, the complete content of your account is your responsibility. If your site becomes a trading post for "warez" programs, you may face legal action that can be taken against you by the programmers/software companies of the copyrighted software.

Data Transfer
Any and all FTP download transfers, anonymous FTP included, will be used in the calculation of the total data transfer for your account. If this total data transfer amount exceeds the limit that is set for your plan, you will be responsible for any and all overage charges that occur. Please Note: There will be NO exceptions made for these overage charges. Once anonymous FTP has been enabled, it will be your responsibility to monitor the anonymous FTP activity for your account.

Back to Top

Q&A: Changes to setting up Anonymous FTP access (UNIX only)
To increase your FTP site's security and to provide you with greater control over your FTP site, AT&T is introducing a number of changes in the functionality of our anonymous FTP services. These changes require that you make some simple modifications to your existing anonymous FTP directory structure.

This question and answer (Q&A) document highlights the major issues regarding the functional changes in our anonymous FTP services. Here you will also find what you need to do to modify your FTP site to use these services.

Q: What changes are being made to anonymous FTP accessibility and functionality?
A: There are a number of changes that you should know about:
  • Unless you decide to turn on anonymous FTP access via the Control Panel, such access will be not available. Previously, you may have noticed that the server could be accessed via anonymous FTP with your account’s domain name or IP address even if you had not enabled anonymous FTP. Thus, anonymous users were not in your account’s directory, but were instead in the server’s /u/ftp directory. To eliminate confusion over whether anonymous FTP is enabled for an account, the new anonymous FTP denies requests when anonymous FTP is not enabled.
  • The "/aftp" directory: This is a new directory located under the root directory of your site. This new directory is now required for anonymous FTP access. When an anonymous user logs in, that user will be restricted to navigation within this directory and its subdirectories.
  • You can allow anonymous users to create subdirectories within the "/aftp" directory.
  • The .ftpaccess file: This is a new file that you can create and use as necessary. By modifying the .ftpaccess file, you can control which functions (uploading, downloading, delete files, etc.) are available to anonymous FTP users. The .ftpaccess file can be located in any directory. It is active for all directories under it that are visible during a given anonymous FTP session.
  • To assure that your site’s security remains uncompromised, we recommend that you do not override the default anonymous FTP permissions with an .ftpaccess file. Doing so may grant undesired access to files and folders in your anonymous FTP site.
  • The .allowanon file: This is a new file that is required for anonymous FTP. There is no need to modify the contents of the .allowanon file. Enabling anonymous FTP through your Control Panel automatically creates this file. Disabling anonymous FTP through your Control Panel automatically removes it. Do not remove .allowanon by any means other than by disabling anonymous FTP through your Control Panel.
  • The anonymous FTP process now runs under your UserID. That is, it no longer runs under the “ftp” UserID. As a result, when files are uploaded to the account, they are immediately owned by your account’s UserID. Previously, the files were owned by the “ftp” UserID until the upload had been completed.
  • Your FTP site is monitored for disk space availability and data transfer totals. So, be sure to administer it carefully in order to avoid exceeding your hosting account's allotted disk space and data transfer limits.
  • If you enable anonymous FTP access, the default settings will allow anonymous users to upload, download, rename files and directories, and create directories. However, they cannot delete any files or directories. You have the ability to override both of these default functions with an .ftpaccess file.
Q: What anonymous FTP functionality will not be changed?
A: Overall anonymous FTP functionality will be largely unchanged. The changes to FTP functionality are limited to the above-mentioned anonymous FTP directory structure -- specifically, the addition of "/aftp" -- and the security-based limitations on user navigation via anonymous log in.
Back to Top

Q: Should I create the "/aftp" directory? What happens if I choose not to create it?
A: We suggest that you create the "/aftp" directory and populate it with the folders and files that you wish to make available to your anonymous users. If you choose not to create the "/aftp" directory, our system will create the "/aftp" directory automatically the first time an anonymous user tries to connect to your anonymous FTP site. Once the “/aftp” directory is created, the anonymous user begins navigation of your anonymous FTP site from within that directory. Keep in mind, however, that the “/aftp” directory will be empty when the system creates it for you. In the unlikely event that the system cannot create the "/aftp" directory, the user's anonymous connection will be not be allowed.
Back to Top

Q: How should I update hyperlinks that point to my anonymous FTP site?
A: As the "/aftp" directory is now required for anonymous FTP access and navigation, its addition to your site obviously changes the paths to any files or directories that you make available to your site's anonymous users. Therefore, any external hyperlinks (links located on Web pages) that point to those files or directories will need to be updated or somehow redirected accordingly. Below, we provide advice on two methods that you can use:
  • Method One:
    This method directs anonymous users to your site's "/aftp" directory automatically without your having to manually update any external hyperlinks.
    1. Create an "/aftp" directory directly under your FTP site's root directory.
    2. Move all files and directories that are accessible via anonymous FTP into your newly created "/aftp" directory.

      For example, let's say that you have a directory called "/myftp" that contains all the files and subdirectories that are accessible via anonymous FTP. That directory would be located at "u/web/userid/myftp". In this scheme, you would move that "/myftp" directory directly under the "/aftp" directory. So, after the move, the full path to "/myftp" would look like "u/web/userid/aftp/myftp".

    3. To finish, create a symbolic link from "u/web/userid/myftp" (the original path) to "u/web/userid/aftp/myftp" (the new path). To establish and enable the symbolic link, you will need to create either a shell script or a Perl script.

      Example 1: Shell script

      For user "userid", a typical shell script would look something like the following:

      #!/bin/sh
      echo Content-type: text/plain
      echo
      /bin/ln -s /u/web/userid/aftp/myftp /u/web/userid/myftp
      echo Done

      Example 2: Perl script

      For user "userid", a typical Perl script would look like the following. Note that this script can be uploaded to cgi-local and executed through a Web browser:

      #!/usr/local/bin/perl
      print "Content-type: text/plain\n\n";
      symlink ("/u/web/userid/aftp/myftp","/u/web/userid/myftp");
      print "Done!";

      The two scripts mentioned above are very basic and are to be used for illustrative purposes only. When you create your own script, you may want to include additional functionality, such as error checking, that would result in a more robust script.

  • Method Two:
    Below is an alternative to Method One. Method Two requires that you manually update your external hyperlinks. This method works well if you have only a few external hyperlinks whose URLs can be updated quickly:
    1. Create a "/aftp" directory directly under your FTP site's root directory.
    2. Move all files and directories that are accessible via anonymous FTP into your newly created "/aftp" directory.
    3. Locate the external hyperlinks that use URLs that consist of the old path(s) to your site's anonymous FTP files or directories.
    4. Manually update those URLs so that they now point to the appropriate files or subdirectories in the "/aftp" directory.
Back to Top

Q: Will this new anonymous FTP functionality include the ability to display messages to my site's users?
A: Yes. You now have the ability to customize and display the following user-facing messages:
  • DisplayLogin: This displays a custom message to users when they first log in to your FTP site. If the file for this message does not exist, neither a message nor an error will be displayed. DisplayLogin uses the welcome.msg text file.
  • DisplayFirstChdir: This displays a custom message when a user first changes (that is, "cd"s) into a different directory. You can define this message for each directory on your site. If the file for this message does not exist, neither a message nor an error will be displayed. DisplayFirstChdir uses the firstdir.msg text file.
  • DisplayQuit: This is a custom message that can be displayed when users log out of your FTP site. DisplayQuit uses the quit.msg text file.
Place the welcome.msg and quit.msg files in the “/aftp” directory of your site to display these messages. For example, if you want these messages to be displayed from your Web site and from your anonymous FTP site, you could place the files in your HTTP root and in your anonymous FTP root. Realize, however, that quit.msg works only for the directory in which it is located. That is, if quit.msg is placed in a parent directory, it will display only when the user exits from that parent directory. It would not display if the user exists from any child directories located beneath that parent directory.

Place first.msg into the directory (or directories) where you want its message to display when a user changes to that directory.

Q: If I am using anonymous FTP for downloads only, can I still use file permissions to restrict anonymous FTP uploads to my site?
A: Yes. However, as anonymous FTP runs using your UserID, the Owner permissions need to reflect the type of access that you want to allow in the /aftp directory. For download-only anonymous FTP access, you need to set the permissions on the /aftp directory to 500. Realize that these permissions will also affect your normal FTP access to the /aftp directory. When updating files in the /aftp directory, you (as Owner) need to set the permissions, temporarily, to 700 (that is, 7 - rwx - for Owner) so that you can update the files that are inside the /aftp directory.
Back to Top