FTP (File Transfer Protocol) is a popular Internet data transfer protocol. You can use FTP to transfer files between a remote server and a local PC. FTP is often used by website administrators in order to upload and download files to their web-hosting servers. FTP protocol is implemented according to the “client-server” scheme: there are FTP-clients and an FTP-server.
In our instruction, we will show how to install and configure an FTP server based on a desktop Windows 10 OS without using third-party software (such as FileZilla Server, Titan FTP Server, Ocean FTP Server, etc.).
Installing FTP Server Components on Windows 10
At first let’s create an FTP folder. This directory will contain files and folders that should be accessible by the FTP clients. Create it on the desktop or you can create it anywhere on your PC. Usually, the C:\inetpub\ftproot directory is used as the root FTP folder.
Once it‘s done, press the Windows key + R to open the Run window. In the following window type cmd and click OK to open the Command prompt.
Now type ipconfig and press Enter. Right down you can see your IP address and default gateway IP.
Note. For properly FTP server functioning, it is desirable that a static IP address is assigned to your computer. If a DHCP server is used to issue IP addresses on your network, a static IP must be reserved for your network card MAC address.
We need this to configure an FTP server, but at first we have to install and configure IIS (Internet Information Services) components, so go to Control Panel. You should change to Small icons view and go to the Programs and Features.
Press here Turn Windows features on or off, scroll down to Internet Information Services, expand it, expand FTP server node. Now here check marks on Internet Information Services, Web Management Tools and World Wide Web Services. In addition, check marks on FTP Service and FTP Extensibility. After this, you just have to click OK to install the services. Once installation is finished close the window features dialog box.
Tip. Please note that in order to manage IIS, you must install the IIS Management Console (Web Management Tools > IIS Management Console). You can also install the IIS management console from PowerShell with the command:
Enable-WindowsOptionalFeature -Online -FeatureName IIS-ManagementConsole -All
Configuring an FTP site on Windows 10
Now let’s create a new FTP site and configure it. Go to Control Panel > Administrative Tools > Internet Information Services (IIS).
Here expand the root and expand the sites. Here is default site created, but we are going to create a new one. So, right click on Sites and select Add FTP Site.
Right after this, you have to name your FTP site and select the folder where the site will be created (the default is C:\inetpub\ftproot folder, but you can specify a different folder that you created earlier).
In the following window, you will see a site binding and SSL settings.
Binding IP Address by default is set to unassigned. So click on the drop down and select your IP Address. Now we selected no SSL, but if you are using this on real environment, we suggest you to select Require SSL option.
After that, you have to select basic authentication options and allow access to specified users. This user is a Windows user, the one you created when you installed Windows 10 or the one you are currently using. So, enter the username and select the proper permissions.
As the authentication method, select Basic. Authorization type > Specified users, enter the name of the user (or group). If the user should have the permission to read and write files in the FTP folder, check Read and Write in the Permissions section.
Then just Finish.
Your FTP site should appear in the tree structure of the Windows web server.
Setting Firewall Rules for FTP server
Standard Windows Defender Firewall with Advanced Security settings don’t allow you to remotely connect to your FTP site. Now we have to allow FTP access in Windows Firewall. Go to Control Panel > Windows Defender Firewall > Allow an app or feature through Windows Firewall. In the following window click on Change settings and find FTP server feature. Check both marks on it and click OK to save settings. Now the firewall is properly configured.
Tip. You can configure firewall rules to allow FTP traffic to the server using the commands:
netsh advfirewall firewall add rule name=”FTP” action =allow protocol=TCP dir=in localport=21 netsh advfirewall firewall add rule name=”sFTP” action =allow protocol=TCP dir=in localport=900 netsh advfirewall firewall add rule name=”FTPpassive” action =allow protocol=TCP dir=in localport=1024-65535
Configuring an FTP Account in Windows 10
Once it off, we need to create an FTP user or group, to which you provide access to the FTP server. Open the Computer Management console. In the right menu, select Users or Groups. Use the right mouse button to create a new user.
Add new user. Now enter the username and password. You must to set a password for your users, or they will not be able to connect to an FTP. Now click on Create and your FTP user is already created.
Now select the newly created site on IIS and click on FTP Authorization Rules.
Here you will see the default Windows FTP user permissions. We need to create another rule. Right click on the empty space, add allow rule and here select Specified users and then add user you’ve just created (FTPuser).
Tip. You can create several additional FTP folders on your FTP root:
- C:\inetpub\ftproot\LocalUser\Public – public FTP folder for anonymous users
- C:\inetpub\ftproot\LocalUser\%UserName% – home FTP folder for a local user
- C:\inetpub\ftproot\%Domain%\%DomainUserName% – home ftp folder for AD domain users if your computer is joined to the Active Directory (replace %Domain% to your domain name)
Also, select the proper permissions and click OK.
If you want anonymous users to access your FTP server, select the All Anonymous Users option. Anonymous users couldn’t write anything and change the data on our server; you need to specify Read-only access.
We need to add this user to the NTFS security settings of the folder. Right click on properties of the FTP-folder on your local drive, then go to the Security tab, edit it and add the newly created user.
Now make sure you have the user selected. In our case the Full Control permissions is assigned for a user. In your case you should select the proper permissions. Click Apply and then OK to save.
Configure FTP User Isolation
It is necessary configure an FTP user isolation if you need to isolate each FTP user by its own folder. In this case each remote user gets into his own ftp-directory and doesn’t have access to other users’ files.
To do this, open your FTP site settings and select the FTP User Isolation option. Select the User name directory and save the changes.
Right-click on the FTP site and select Add Virtual Directory.
Enter the user name in the Alias field, in the Physical path field, enter the path to the user’s folder (create a separate users’ subfolder in the root FTP folder on the local drive in advance).
How to Connect to an FTP Server in Windows 10?
Now we are ready to access this FTP. First, we will try accessing from the LAN.
Test the FTP commotion from another computer in the same LAN. Open the PowerShell command prompt and run on the following commands to check FTP server on Windows 10 computer:
# To test FTP Network Port connection Test-NetConnection -ComputerName yourWin10FTPcomputer -Port 21 # Now test FTP access ftp 192.168.1.251
You can open your FTP site using the built-in Windows 10 File Explorer. All you need to do is just type FTP:// and local IP Address of that machine (e.g. FTP://192.168.1.92). Press enter and you will be prompted to enter the username and password. Specify user credentials and press OK. We have access the user’s FTP via the LAN.
You should see the contents of the FTP server folder. Now you can upload and download file on FTP server.
You can check ftp server access log in the log files located in the C:\WINDOWS\System32\LogFiles\MSFTPSVC1 directory.
Note. But it is much convenient to use one of third-party FTP client to upload and download files to the FTP servers. Most popular FTP clients: FileZilla, WinSCP and Cyberduck.
If you have configure anonymous access to your FTP site, you should check the box Log on anonymous and specify any email address as an ftp user name.
If you want to access from the PC outside of your network, you need to configure your edge router to forward incoming FTP connection to your Windows 10 computer.
Make sure that you enable the port forwarding for the FTP protocol (both TCP, UDP ports 21). Make sure to save router configuration. Once done, log out and go to the Google.com. You have to search “What is my IP address” and it will immediately provide you external (“white”) IP address. If not, you can also go through one of these links from the search and it will prompt you with the IP address.
Once done, write it down, because we are going to use it to access this FTP from the Internet (it assumes that your computer or router are assigned a public IP address). Go to any computer outside of the network and type FTP:// IP address in the search bar. You should enter the username and password again and click OK.
Adding FTP Site to the Windows 10 Network Location List
You can connect your FTP site to your Windows Network Locations to permanently access FTP files and folders.
- Run File Explorer, right click in the pane and select the Add a network location item;
- Select Choose a custom network location;
- Specify your ftp server address in the following format: ftp://your_win10_ftp
- Check the box Logon on anonymous (with a blank password) or specify your FTP username;
- It remains to specify the connection name and press Next > Finish.
- Your FTP site should appears in the list of your Network Locations.