Allowing only encrypted ftp connections.

[Ravenik]

Hi, I use original Asustor AS5304T ftp server. In my NAS web portal I see there seems to be no option to force TLS and disallow unencrypted control connection. In order to force TLS I found a directory:
root@ASHARE:/volume0/usr/builtin/etc/proftpd # ls -al
total 48
drwxr-xr-x 2 root root 4096 Dec 6 00:45 ./
drwxr-xr-x 52 root root 4096 Nov 23 19:31 ../
-rw-r--r-- 1 root root 308 Dec 6 00:40 asustorftp.conf
-rw-r--r-- 1 root root 308 Dec 6 00:39 asustorftp.conf~
-rw-r--r-- 1 root root 484 Dec 4 21:15 ftpanonymous.conf
-rw-r--r-- 1 root root 18190 Dec 4 21:15 ftpshare.conf
-rw-r--r-- 1 root root 915 Dec 6 00:45 proftpd.conf
-rw-r--r-- 1 root root 914 Dec 6 00:43 proftpd.conf~

I edited above file: proftpd.conf and added a line:
TLSRequired on

Then in shell:
kill -HUP PROFTPD_PID
where PROFTPD_PID is pid of proftpd.

Ok, it works. It even survives NAS restart.
The problem is that whenever I use a web browser and go to my NAS-web-portal\Services\FTP Server and edit anything, then my line: "TLSRequired on" is removed from proftpd.conf and ftp server starts accepting unencrypted connections again.

My questions is if it is possible to prevent my NAS from removing "TLSRequired on" from "proftpd.conf" whenever I use a web browser and change something in web-portal\Services\FTP Server?

[ndl101]

My questions is if it is possible to prevent my NAS from removing "TLSRequired on" from "proftpd.conf" whenever I use a web browser and change something in web-portal\Services\FTP Server?

I Not that I know of. For the most part, manually editing the configuration files on the NAS is a short-lived "solution" as, and you already experienced this, the files are usually either "restored" from a read-only mount during boot or overwritten by some part of ADM when the configuration is changed via the GUI.