This file has been truncated. show original
.. note:: The FTP protocol is insecure: password are sent in clear text.
The :index:`FTP` server allows to transfer files between client and server.
A FTP user can be :dfn:`virtual` or a system users.
Virtual users can access only the FTP server. This is the recommended configuration.
The web interface allows the configuration only of virtual users.
When accessing the FTP server, a user can explore the entire filesystem accordingly to its own privileges.
To avoid information disclosure, the FTP user can be configured in a jail using the :dfn:`chroot` option: the user
will not be able to exit the jail directory.
This behavior can be useful in case a shared folder is used as part of a simple web hosting. Insert the shared folder
path inside the custom field. For example, given a shared folder called *mywebsite*, fill the field with: ::