#1
  1. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2003
    Posts
    407
    Rep Power
    12

    To "//" or not to "/"


    I'm having kind of a weird issue using curl to ftp upload images and other files.

    When I use what I thought is the standard form:

    Code:
    curl -s -S -v -u login:pwd FTP://myserver.com/usr/home/grndlvl/public_html/posthumour/images/ -T '/Volumes/Macintosh HD/Users/jeffrey/Pictures/mp/test.jpg'
    I can't upload anything, but when I use:

    Code:
    curl -s -S -v -u login:pwd FTP://myserver.com//usr/home/grndlvl/public_html/posthumour/images/ -T '/Volumes/Macintosh HD/Users/jeffrey/Pictures/mp/test.jpg'
    I can. I checked with my isp, and they say it is not specific to them:

    server.xxx.com/bin
    server.xxx.com//usr/home/user/bin

    are both valid.

    What is the most generally expected form for most servers?
    Last edited by groundlevel; February 27th, 2010 at 10:20 PM.
  2. #2
  3. Transforming Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Mar 2007
    Location
    Washington, USA
    Posts
    14,110
    Rep Power
    9398
    What's expected is you use locations relative to your initial FTP directory.
    Code:
    FTP://myserver.com/public_html/posthumour/images/

    Originally Posted by groundlevel
    I can. I checked with my isp, and they say it is not specific to them:

    server.xxx.com/bin
    server.xxx.com//usr/home/user/bin

    are both valid.
    Are you saying you can browse to http://server.xxx.com/bin and get the same stuff at http://server.xxx.com//usr/home/user/bin?
  4. #3
  5. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2003
    Posts
    407
    Rep Power
    12
    They're being obtuse.

    So I think I'm going to try just straight ftp. Can you tell me the correct command given the parameters to upload to a specific directory with the login and password?

    If you happen to know if such a thing is possible with sftp or even scp, that would be even better.
  6. #4
  7. Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Mar 2004
    Location
    Kostolac, Serbia
    Posts
    855
    Rep Power
    1391
    Secure your FTP server immediately by chrooting its users since its clear that you don't want anyone taking a peak at your /etc/passwd etc. That way you will limit all your users to access only their home folders.

    If you are using vsftp then you can simply open the /etc/vsftpd/vsftpd.conf and change the chroot_local_user setting to look like the following line
    Code:
    chroot_local_user=YES
    . If there is none add it right at the end of the file.

    After that restart vsftpd with
    Code:
    service vsftpd restart
    .

    That is the obvious reason why you are able to traverse that web server the way you do it.

    As for the second question you might be better of with using ncftp or similar, more secure, client. The method you are using is considered to be obsolete now from a security point of view although that might not be the biggest problem you have currently considering you server setup
    Last edited by holodoc; February 28th, 2010 at 09:19 PM.
    PHP Code:
    <?php
    abstract class Ignorance extends Stupidity implements Unavoidable 
         public static 
    $humiliation

         private function 
    __construct(){
            
    parent::__destruct();
         }; 

    ?>
  8. #5
  9. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2003
    Posts
    407
    Rep Power
    12
    Heh. Noted.

    This is actually for an app I'm making. So I can't use someone else's app

    I need the actual commands, and I'd like to make them secure, hence sftp or scp as a preference.

    But any command line program would work.

IMN logo majestic logo threadwatch logo seochat tools logo