Kod: Zaznacz cały
Include /etc/proftpd/modules.conf
# Set off to disable IPv6 support which is annoying on IPv4 only boxes.
UseIPv6 off
UseReverseDNS off
IdentLookups off
ServerName "serverlinux"
ServerType standalone
DeferWelcome on
#Bind 80.52.243.42
#MultilineRFC2228 on
DefaultServer on
#DefaultRoot ~
ShowSymlinks on
Umask 002
#User nobody
#Group nobody
TimeoutNoTransfer 600
TimeoutStalled 600
TimeoutIdle 1200
DisplayLogin welcome.msg
DisplayFirstChdir .message
ListOptions "-l"
DenyFilter \*.*/
# Port 21 is the standard FTP port.
Port 21
# In some cases you have to specify passive ports range to by-pass
# firewall limitations. Ephemeral ports can be used for that, but
# feel free to use a more narrow range.
PassivePorts 49152 65534
# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances 30
# Set the user and group that the server normally runs at.
#User proftpd
#Group nogroup
User ftp
Group nogroup
#<Anonymous ~ftp>
#User ftp
#Group ftp
# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask 022 022
# Normally, we want files to be overwriteable.
AllowOverwrite on
# Uncomment this if you are using NIS or LDAP to retrieve passwords:
# PersistentPasswd off
#AnonRequirePassword off
#Allow from 127.0.0.1
#Allow from 192.168.1.
#Allow from 172.23.198.
# Be warned: use of this directive impacts CPU average load!
#
# Uncomment this if you like to see progress and transfer rate with ftpwho
# in downloads. That is not needed for uploads rates.
# UseSendFile off
TransferLog /var/log/proftpd/xferlog
SystemLog /var/log/proftpd/proftpd.log
<IfModule mod_tls.c>
TLSEngine off
</IfModule>
<IfModule mod_quota.c>
QuotaEngine on
</IfModule>
<IfModule mod_ratio.c>
Ratios on
</IfModule>
# Delay engine reduces impact of the so-called Timing Attack described in
# [url]http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02[/url]
# It is on by default.
<IfModule mod_delay.c>
DelayEngine on
</IfModule>
<IfModule mod_ctrls.c>
ControlsEngine on
ControlsMaxClients 2
ControlsLog /var/log/proftpd/controls.log
ControlsInterval 5
ControlsSocket /var/run/proftpd/proftpd.sock
</IfModule>
<IfModule mod_ctrls_admin.c>
AdminControlsEngine on
</IfModule>
# A basic anonymous configuration, no upload directories.
<Anonymous /home/ftp/>
User ftp
Group nogroup
# # We want clients to be able to login with "anonymous" as well as "ftp"
UserAlias anonymous ftp
# # Cosmetic changes, all files belongs to ftp user
DirFakeUser on ftp
DirFakeGroup on nogroup
#
RequireValidShell off
#
# # Limit the maximum number of anonymous logins
MaxClients 30
#
# # We want 'welcome.msg' displayed at login, and '.message' displayed
# # in each newly chdired directory.
DisplayLogin welcome.msg
DisplayFirstChdir .message
#
# # Limit WRITE everywhere in the anonymous chroot
<Directory *>
<Limit WRITE>
DenyAll
</Limit>
</Directory>
#
# # Uncomment this if you're brave.
<Directory incoming>
# # Umask 022 is a good standard umask to prevent new files and dirs
# # (second parm) from being group and world writable.
Umask 022 022
<Limit READ WRITE>
DenyAll
</Limit>
<Limit STOR>
AllowAll
</Limit>
</Directory>
</Anonymous>
