The ftp server saga continues.
What we are trying to do, is to make our Material Safety Data Sheets
[MSDS's] available to our customers via our web site. We do not host
the web site. We are going to host the ftp server. All MSDS's will be
burned onto a CD in .pdf format. We would like our customers to be able
to click on an icon on the web page that will link directly to the file
on the ftp server.
The ftp server is set up, it operates properly, we've set the firewalls
on the router and on the ftp machine according to the latest thinking to
keep out the script morons and it seems to work [we get scanned alot,
but no one gets in].
Here's the question/problem. From what I can determine, when someone
hits the www page, and then clicks on the link for the file on the ftp
server, the IP address of the user's machine [rather than the IP address
of the www server] is what is seen by the ftp machine. This creates an
obvious security headache [we have to allow almost everybody].
So, is there a way to hard link the www server to the ftp machine so
that we can just allow the www server's IP address in the "hosts.allow"
file [and deny everybody else]?
To Reply Direct, Remove Clothes.