1<?xml version="1.0" encoding="ISO-8859-1"?>
2<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
3<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!--
4        XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
5              This file is generated from xml source: DO NOT EDIT
6        XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
7      -->
8<title>mod_proxy_ftp - Apache HTTP Server</title>
9<link href="/style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />
10<link href="/style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />
11<link href="/style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link rel="stylesheet" type="text/css" href="/style/css/prettify.css" />
12<script src="/style/scripts/prettify.min.js" type="text/javascript">
13</script>
14
15<link href="/images/favicon.ico" rel="shortcut icon" /></head>
16<body>
17<div id="page-header">
18<p class="menu"><a href="/mod/">Modules</a> | <a href="/mod/directives.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="/glossary.html">Glossary</a> | <a href="/sitemap.html">Sitemap</a></p>
19<p class="apache">Apache HTTP Server Version 2.4</p>
20<img alt="" src="/images/feather.gif" /></div>
21<div class="up"><a href="./"><img title="&lt;-" alt="&lt;-" src="/images/left.gif" /></a></div>
22<div id="path">
23<a href="http://www.apache.org/">Apache</a> &gt; <a href="http://httpd.apache.org/">HTTP Server</a> &gt; <a href="http://httpd.apache.org/docs/">Documentation</a> &gt; <a href="../">Version 2.4</a> &gt; <a href="./">Modules</a></div>
24<div id="page-content">
25<div id="preamble"><h1>Apache Module mod_proxy_ftp</h1>
26<div class="toplang">
27<p><span>Available Languages: </span><a href="/en/mod/mod_proxy_ftp.html" title="English">&nbsp;en&nbsp;</a> |
28<a href="/fr/mod/mod_proxy_ftp.html" hreflang="fr" rel="alternate" title="Fran�ais">&nbsp;fr&nbsp;</a></p>
29</div>
30<table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>FTP support module for
31<code class="module"><a href="/mod/mod_proxy.html">mod_proxy</a></code></td></tr>
32<tr><th><a href="module-dict.html#Status">Status:</a></th><td>Extension</td></tr>
33<tr><th><a href="module-dict.html#ModuleIdentifier">Module�Identifier:</a></th><td>proxy_ftp_module</td></tr>
34<tr><th><a href="module-dict.html#SourceFile">Source�File:</a></th><td>mod_proxy_ftp.c</td></tr></table>
35<h3>Summary</h3>
36
37    <p>This module <em>requires</em> the service of <code class="module"><a href="/mod/mod_proxy.html">mod_proxy</a></code>. It provides support for the proxying
38    FTP sites.  Note that FTP support is currently limited to
39    the GET method.</p>
40
41    <p>Thus, in order to get the ability of handling FTP proxy requests,
42    <code class="module"><a href="/mod/mod_proxy.html">mod_proxy</a></code> and <code class="module"><a href="/mod/mod_proxy_ftp.html">mod_proxy_ftp</a></code>
43    have to be present in the server.</p>
44
45    <div class="warning"><h3>Warning</h3>
46      <p>Do not enable proxying until you have <a href="mod_proxy.html#access">secured your server</a>. Open proxy
47      servers are dangerous both to your network and to the Internet at
48      large.</p>
49    </div>
50</div>
51<div id="quickview"><h3 class="directives">Directives</h3>
52<ul id="toc">
53<li><img alt="" src="/images/down.gif" /> <a href="#proxyftpdircharset">ProxyFtpDirCharset</a></li>
54<li><img alt="" src="/images/down.gif" /> <a href="#proxyftpescapewildcards">ProxyFtpEscapeWildcards</a></li>
55<li><img alt="" src="/images/down.gif" /> <a href="#proxyftplistonwildcard">ProxyFtpListOnWildcard</a></li>
56</ul>
57<h3>Topics</h3>
58<ul id="topics">
59<li><img alt="" src="/images/down.gif" /> <a href="#mimetypes">Why doesn't file type <var>xxx</var>
60    download via FTP?</a></li>
61<li><img alt="" src="/images/down.gif" /> <a href="#type">How can I force an FTP ASCII download of
62    File <var>xxx</var>?</a></li>
63<li><img alt="" src="/images/down.gif" /> <a href="#ftpnonget">How can I do FTP upload?</a></li>
64<li><img alt="" src="/images/down.gif" /> <a href="#percent2fhck">How can I access FTP files outside
65    of my home directory?</a></li>
66<li><img alt="" src="/images/down.gif" /> <a href="#ftppass">How can I hide the FTP cleartext password
67    in my browser's URL line?</a></li>
68<li><img alt="" src="/images/down.gif" /> <a href="#wildcard">Why do I get a file listing when I expected
69        a file to be downloaded?</a></li>
70</ul><h3>See also</h3>
71<ul class="seealso">
72<li><code class="module"><a href="/mod/mod_proxy.html">mod_proxy</a></code></li>
73</ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
74<div class="top"><a href="#page-header"><img alt="top" src="/images/up.gif" /></a></div>
75<div class="section">
76<h2><a name="mimetypes" id="mimetypes">Why doesn't file type <var>xxx</var>
77    download via FTP?</a></h2>
78      <p>You probably don't have that particular file type defined as
79      <code>application/octet-stream</code> in your proxy's mime.types
80      configuration file. A useful line can be</p>
81
82      <div class="example"><pre>application/octet-stream   bin dms lha lzh exe class tgz taz</pre></div>
83    <p>Alternatively you may prefer to default everything to binary:</p>
84      <div class="example"><pre class="prettyprint lang-config">ForceType application/octet-stream</pre>
85</div>
86    </div><div class="top"><a href="#page-header"><img alt="top" src="/images/up.gif" /></a></div>
87<div class="section">
88<h2><a name="type" id="type">How can I force an FTP ASCII download of
89    File <var>xxx</var>?</a></h2>
90      <p>In the rare situation where you must download a specific file using the
91      FTP <code>ASCII</code> transfer method (while the default transfer is in
92      <code>binary</code> mode), you can override <code class="module"><a href="/mod/mod_proxy.html">mod_proxy</a></code>'s
93      default by suffixing the request with <code>;type=a</code> to force an
94      ASCII transfer. (FTP Directory listings are always executed in ASCII mode,
95      however.)</p>
96    </div><div class="top"><a href="#page-header"><img alt="top" src="/images/up.gif" /></a></div>
97<div class="section">
98<h2><a name="ftpnonget" id="ftpnonget">How can I do FTP upload?</a></h2>
99    <p>Currently, only GET is supported for FTP in mod_proxy.  You can
100    of course use HTTP upload (POST or PUT) through an Apache proxy.</p>
101    </div><div class="top"><a href="#page-header"><img alt="top" src="/images/up.gif" /></a></div>
102<div class="section">
103<h2><a name="percent2fhck" id="percent2fhck">How can I access FTP files outside
104    of my home directory?</a></h2>
105      <p>An FTP URI is interpreted relative to the home directory of the user
106      who is logging in. Alas, to reach higher directory levels you cannot
107      use /../, as the dots are interpreted by the browser and not actually
108      sent to the FTP server. To address this problem, the so called <dfn>Squid
109      %2f hack</dfn> was implemented in the Apache FTP proxy; it is a
110      solution which is also used by other popular proxy servers like the <a href="http://www.squid-cache.org/">Squid Proxy Cache</a>. By
111      prepending <code>/%2f</code> to the path of your request, you can make
112      such a proxy change the FTP starting directory to <code>/</code> (instead
113      of the home directory). For example, to retrieve the file
114      <code>/etc/motd</code>, you would use the URL:</p>
115
116      <div class="example"><p><code>
117        ftp://<var>user</var>@<var>host</var>/%2f/etc/motd
118      </code></p></div>
119    </div><div class="top"><a href="#page-header"><img alt="top" src="/images/up.gif" /></a></div>
120<div class="section">
121<h2><a name="ftppass" id="ftppass">How can I hide the FTP cleartext password
122    in my browser's URL line?</a></h2>
123      <p>To log in to an FTP server by username and password, Apache uses
124      different strategies. In absence of a user name and password in the URL
125      altogether, Apache sends an anonymous login to the FTP server,
126      <em>i.e.</em>,</p>
127
128      <div class="example"><p><code>
129        user: anonymous<br />
130        password: apache_proxy@
131      </code></p></div>
132
133      <p>This works for all popular FTP servers which are configured for
134      anonymous access.</p>
135
136      <p>For a personal login with a specific username, you can embed the user
137      name into the URL, like in:</p>
138
139      <div class="example"><p><code>
140        ftp://<var>username</var>@<var>host</var>/myfile
141      </code></p></div>
142
143      <p>If the FTP server asks for a password when given this username (which
144      it should), then Apache will reply with a <code>401</code> (Authorization
145      required) response, which causes the Browser to pop up the
146      username/password dialog. Upon entering the password, the connection
147      attempt is retried, and if successful, the requested resource is
148      presented. The advantage of this procedure is that your browser does not
149      display the password in cleartext (which it would if you had used</p>
150
151      <div class="example"><p><code>
152        ftp://<var>username</var>:<var>password</var>@<var>host</var>/myfile
153      </code></p></div>
154
155      <p>in the first place).</p>
156
157      <div class="note"><h3>Note</h3>
158        <p>The password which is transmitted in such a way is not encrypted on
159        its way. It travels between your browser and the Apache proxy server in
160        a base64-encoded cleartext string, and between the Apache proxy and the
161        FTP server as plaintext. You should therefore think twice before
162        accessing your FTP server via HTTP (or before accessing your personal
163        files via FTP at all!) When using insecure channels, an eavesdropper
164        might intercept your password on its way.</p>
165      </div>
166    </div><div class="top"><a href="#page-header"><img alt="top" src="/images/up.gif" /></a></div>
167<div class="section">
168<h2><a name="wildcard" id="wildcard">Why do I get a file listing when I expected
169        a file to be downloaded?</a></h2>
170      <p>In order to allow both browsing the directories on an FTP server and
171        downloading files, Apache looks at the request URL.  If it looks like
172        a directory, or contains wildcard characters ("*?[{~"), then it
173        guesses that a listing is wanted instead of a download.</p>
174      <p>You can disable the special handling of names with wildcard characters.
175        See the <code class="directive">ProxyFtpListOnWildcard</code> directive.
176      </p>
177    </div>
178<div class="top"><a href="#page-header"><img alt="top" src="/images/up.gif" /></a></div>
179<div class="directive-section"><h2><a name="ProxyFtpDirCharset" id="ProxyFtpDirCharset">ProxyFtpDirCharset</a> <a name="proxyftpdircharset" id="proxyftpdircharset">Directive</a></h2>
180<table class="directive">
181<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Define the character set for proxied FTP listings</td></tr>
182<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyFtpDirCharset <var>character set</var></code></td></tr>
183<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ProxyFtpDirCharset ISO-8859-1</code></td></tr>
184<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr>
185<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
186<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy_ftp</td></tr>
187<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache 2.2.7 and later. Moved from <code class="module"><a href="/mod/mod_proxy.html">mod_proxy</a></code> in Apache 2.3.5.</td></tr>
188</table>
189    <p>The <code class="directive">ProxyFtpDirCharset</code> directive defines the
190    character set to be set for FTP directory listings in HTML generated by
191    <code class="module"><a href="/mod/mod_proxy_ftp.html">mod_proxy_ftp</a></code>.</p>
192
193</div>
194<div class="top"><a href="#page-header"><img alt="top" src="/images/up.gif" /></a></div>
195<div class="directive-section"><h2><a name="ProxyFtpEscapeWildcards" id="ProxyFtpEscapeWildcards">ProxyFtpEscapeWildcards</a> <a name="proxyftpescapewildcards" id="proxyftpescapewildcards">Directive</a></h2>
196<table class="directive">
197<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Whether wildcards in requested filenames are escaped when sent to the FTP server</td></tr>
198<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyFtpEscapeWildcards [on|off]</code></td></tr>
199<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>on</code></td></tr>
200<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr>
201<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
202<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy_ftp</td></tr>
203<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache 2.3.3 and later</td></tr>
204</table>
205  <p>The <code class="directive">ProxyFtpEscapeWildcards</code> directive
206    controls whether wildcard characters ("*?[{~") in requested
207    filenames are escaped with backslash before sending them to the
208    FTP server.  That is the default behavior, but many FTP servers
209    don't know about the escaping and try to serve the literal filenames
210    they were sent, including the backslashes in the names.  </p>
211    <p>Set to "off" to allow downloading files with wildcards
212    in their names from FTP servers that don't understand wildcard
213    escaping.</p>
214
215</div>
216<div class="top"><a href="#page-header"><img alt="top" src="/images/up.gif" /></a></div>
217<div class="directive-section"><h2><a name="ProxyFtpListOnWildcard" id="ProxyFtpListOnWildcard">ProxyFtpListOnWildcard</a> <a name="proxyftplistonwildcard" id="proxyftplistonwildcard">Directive</a></h2>
218<table class="directive">
219<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Whether wildcards in requested filenames trigger a file listing</td></tr>
220<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyFtpListOnWildcard [on|off]</code></td></tr>
221<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>on</code></td></tr>
222<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr>
223<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
224<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy_ftp</td></tr>
225<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache 2.3.3 and later</td></tr>
226</table>
227  <p>The <code class="directive">ProxyFtpListOnWildcard</code> directive
228    controls whether wildcard characters ("*?[{~") in requested
229    filenames cause <code class="module"><a href="/mod/mod_proxy_ftp.html">mod_proxy_ftp</a></code> to return a listing
230    of files instead of downloading a file.  By default (value on),
231    they do.  Set to "off" to allow downloading files even if they
232    have wildcard characters in their names.</p>
233
234</div>
235</div>
236<div class="bottomlang">
237<p><span>Available Languages: </span><a href="/en/mod/mod_proxy_ftp.html" title="English">&nbsp;en&nbsp;</a> |
238<a href="/fr/mod/mod_proxy_ftp.html" hreflang="fr" rel="alternate" title="Fran�ais">&nbsp;fr&nbsp;</a></p>
239</div><div class="top"><a href="#page-header"><img src="/images/up.gif" alt="top" /></a></div><div class="section"><h2><a id="comments_section" name="comments_section">Comments</a></h2><div class="warning"><strong>Notice:</strong><br />This is not a Q&amp;A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our <a href="http://httpd.apache.org/lists.html">mailing lists</a>.</div>
240<script type="text/javascript"><!--//--><![CDATA[//><!--
241var comments_shortname = 'httpd';
242var comments_identifier = 'http://httpd.apache.org/docs/2.4/mod/mod_proxy_ftp.html';
243(function(w, d) {
244    if (w.location.hostname.toLowerCase() == "httpd.apache.org") {
245        d.write('<div id="comments_thread"><\/div>');
246        var s = d.createElement('script');
247        s.type = 'text/javascript';
248        s.async = true;
249        s.src = 'https://comments.apache.org/show_comments.lua?site=' + comments_shortname + '&page=' + comments_identifier;
250        (d.getElementsByTagName('head')[0] || d.getElementsByTagName('body')[0]).appendChild(s);
251    }
252    else { 
253        d.write('<div id="comments_thread">Comments are disabled for this page at the moment.<\/div>');
254    }
255})(window, document);
256//--><!]]></script></div><div id="footer">
257<p class="apache">Copyright 2014 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>
258<p class="menu"><a href="/mod/">Modules</a> | <a href="/mod/directives.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="/glossary.html">Glossary</a> | <a href="/sitemap.html">Sitemap</a></p></div><script type="text/javascript"><!--//--><![CDATA[//><!--
259if (typeof(prettyPrint) !== 'undefined') {
260    prettyPrint();
261}
262//--><!]]></script>
263</body></html>