If you want to go with the SFTP only solution, I have created a blog post recently that describes exactly this including a few of the common errors:
http://blog.frands.net/sftp-only-chroot-users-with-openssh-in-debian-166/
If you want to go with the FTP solution, vsftpd is indeed a fine choice. However, when a user uploads a file it will be set with his user and group following the defined umask. You could set the user's primary group to www-data and then create a umask that fits in vsftpd.
This is a quick howto to do what I suggested:
Create the user with the www-data group, no real shell and the correct home dir, set the password afterwards
useradd -d /path/to/his/domain.com -g www-data -s /bin/false theusername
passwd theusername
Make sure that vsftpd accepts his shell. cat /etc/shells and look for /bin/false (it should not be there by default) - if it is not there, add it:
echo "/bin/false" >> /etc/shells
Next, edit the vsftpd config file. Touch these parameters: (if they are commented out, remove the #)
Disable anonymous access to the server
anonymous_enable=NO
Allow local users to use FTP
local_enable=YES
Allow file uploads
write_enable=YES
Set the umask, so the files the user uploads are also writable by group (www-data)
local_umask=002
Chroot the user so he cannot move out of his home dir
chroot_local_user=YES
Now, restart vsftpd
/etc/init.d/vsftpd restart
and you should be all set.
BUT!
- FTP is generally insecure.
- If SFTP is possible, use it.
- Having the webserver allowed to write to files is a security flaw, unless the directory is used for uploads or files that the website commonly changes.
Best Answer
The umask setting influences the permission bits on the newly created files and directories. It doesn't influence the ownership. You could add the user who uploads the files to the www-data group. A umask of 022 in the FTP server would then make sure that these files are readable by the webserver but not writeable. If you also use PHP, you could set up suphp so that the uploaded PHP scripts will get executed as the user to whom they belong. Like this, your scripts would also be able to write to your files (they wouldn't if they were executed as www-data).