This guide will cover installing FileRun to use as a web FTP client. This allows you to upload files to your Linux VPS without depending on Operating System specific software.
To begin with, we are going to make sure our system is up to date and fully upgraded:
sudo apt update && sudo apt upgrade -y
Since this is a web-based tool we will need to have a LAMP stack up and running with our dependencies in place:
sudo apt install apache2 mariadb-server php7.2 imagemagick ffmpeg unzip
sudo apt install php-mbstring php-zip php-curl php-gd php-ldap php-xml php-pdo-mysql
We want to be able to test that our LAMP stack is working properly. To do so, we're going to create a simple PHP info file.
sudo nano /var/www/html/info.php
Now you can browse to: YourServerIP/info.php to find all sorts of wonderful information.
Please note: It is not considered good practice to leave this file accessible / on your server after you no longer need it as it will allow anyone who opens that file to view your PHP configuration. This can leave you vulnerable to exploits and/or system attacks.
Next, we will set up IonCube for PHP. Be sure that you download a file compatible with your systems architecture. As we are using a 64-bit machine, we'll grab the matching file. Once it's download, we'll unpack it with tar.
tar xvfz ioncube_loaders_lin_x86-64.tar.gz
Now we are going to copy our ionCube .so file to the PHP extensions directory. In this tutorial, that is located in /usr/lib/php/20170718/ -- You can use the phpinfo file we created earlier to determine which directory yours is located in.
sudo cp ioncube/ioncube_loader_lin_7.2.so /usr/lib/php/20170718/
This step will create a configuration file that PHP looks for when loading extensions. You can look back in your phpinfo file to find the directory. Search for "Scan this dir for additional .ini files." In our example, the directory is: /etc/php/7.2/apache2/conf.d --
Adding the "00-" as a prefix will ensure that PHP loads this extension first. This will help cut down on potential conflicts and errors arising from said conflicts.
sudo nano /etc/php/7.2/apache2/conf.d/00-ioncube.ini
Inside this file, we're going to insert the following line.
zend_extension = "/usr/lib/php/20170718/ioncube_loader_lin_7.2.so"
Now all that is left is to restart Apache for the configuration changes to take effect.
sudo systemctl restart apache2
When we re-visit our PHP Info page, we now see that the Zend Engine is utilizing the ionCube PHP Loader.
Once those are installed and ionCube is configured, let's set-up our database to use with FileRun.
Now log into your newly configured MySQL/MariaDB root user:
mysql -u root -p
Now tell MariaDB to use MySQL, and then we'll create the database and add some grants. Be sure to replace 'OUR-DATABASE-PASSWORD-HERE' with the password that you wish to use.
CREATE DATABASE filerun;
GRANT ALL ON filerun.* to 'filerun'@'localhost' IDENTIFIED BY 'OUR-DATABASE-PASSWORD-HERE';
With that out of the way, we're going to move on to setting up the PHP environment where FileRun will live:
sudo nano /etc/php/7.2/apache2/conf.d/filerun.ini
Inside this file we will add the following:
expose_php = Off error_reporting = E_ALL & ~E_NOTICE display_errors = Off display_startup_errors = Off log_errors = On ignore_repeated_errors = Off allow_url_fopen = On allow_url_include = Off variables_order = "GPCS" allow_webdav_methods = On memory_limit = 128M max_execution_time = 300 output_buffering = Off output_handler = "" zlib.output_compression = Off zlib.output_handler = "" safe_mode = Off register_globals = Off magic_quotes_gpc = Off upload_max_filesize = 50M post_max_size = 50M enable_dl = Off disable_functions = "" disable_classes = "" session.save_handler = files session.use_cookies = 1 session.use_only_cookies = 1 session.auto_start = 0 session.cookie_lifetime = 0 session.cookie_httponly = 1 date.timezone = "UTC"
If you plan to upload files that are larger than 50MB, be sure to modify the upload_max_filesize and post_max_size values to meet your needs.
We will also enable the Apache rewrite module for use with certain features such as locally opening and editing a Microsoft document without downloading it first.
sudo a2enmod rewrite
Another quick restart for Apache to make our changes take effect:
sudo systemctl restart apache2
The final section will cover downloading and installing FileRun. Navigate to your WWW directory and remove the default index file as well as the info.php file we created earlier as we no longer need it.
cd /var/www/html/ sudo rm index.html && sudo rm info.php
We'll use wget to download the latest version of FileRun and then unzip it using the tool we downloaded in the second step.
sudo wget -O FileRun.zip http://www.filerun.com/download-latest
sudo unzip FileRun.zip
We want to assign ownership of these new files to our Apache user and then delete the zip file:
sudo chown -R www-data:www-data /var/www/html/
sudo rm -f FileRun.zip
We can now browse to our server IP and finish the FileRun installer script from the browser.
For the Database Setup, be sure to use the information you generated earlier on in this guide!
After this step if you were successful in connecting the database, you will be presented with a very important screen. Do not leave this page without creating a copy of the information it provides you.
A note from the developers over at FileRun about the security of this account --
Warning: The FileRun superuser is the only account not protected against brute force login attacks, so it is very important that you set a password that cannot be guessed by a computer. Set a long password, containing also uppercase letters, digits, and symbols.
We will take a few precautionary steps to secure our FileRun instance from some basic attacks. The system/data folder within /var/www/html/ is the only folder where PHP needs to have write access.
sudo chown -R root:root /var/www/html
sudo chown -R www-data:www-data /var/www/html/system/data
As a default, the superuser's home folder is located inside /var/www/html/system/data/ folder.
It's very important that you modify this user account within the FileRun control panel, and set its home folder path to a directory located outside the publicly accessible section of your web server ( /var/www/html ).
We're going to create a directory named Storage:
cd /var/www/ sudo mkdir storage sudo chown www-data:www-data storage
We will also modify our MySQL user to remove it's DROP and ALTER privileges. Please note that you will be unable to install any software updates to FileRun while these permissions are revoked. If you should need to update, they will need to be re-added again first.
REVOKE ALTER, DROP ON filerun.* FROM 'filerun'@'localhost'; FLUSH PRIVILEGES;
We have successfully installed and configured a basic FileRun web FTP instance. For more information regarding configuring FileRun, visit the official documentation located at the following link -- https://docs.filerun.com/