# This is the ProFTPD configuration file

# $Id: proftpd.conf,v 1.1 2004/02/26 17:54:30 thias Exp $

ServerName			"ProFTPD server"

ServerIdent			on "FTP Server ready."

ServerAdmin			root@localhost

ServerType			standalone

#ServerType			inetd

DefaultServer			on

AccessGrantMsg			"User %u logged in."

#DisplayConnect			/etc/ftpissue

#DisplayLogin			/etc/ftpmotd

#DisplayGoAway			/etc/ftpgoaway

DeferWelcome			off

# Use this to excude users from the chroot

DefaultRoot			~ !adm

# Use pam to authenticate by default

AuthPAMAuthoritative		on

# Do not perform ident nor DNS lookups (hangs when the port is filtered)

IdentLookups			off

UseReverseDNS			off

# Port 21 is the standard FTP port.

Port				21

# Umask 022 is a good standard umask to prevent new dirs and files

# from being group and world writable.

Umask				022

# Default to show dot files in directory listings

ListOptions			"-a"

# See Configuration.html for these (here are the default values)

#MultilineRFC2228		off

#RootLogin			off

#LoginPasswordPrompt		on

#MaxLoginAttempts		3

#MaxClientsPerHost		none

#AllowForeignAddress		off	# For FXP

# Allow to resume not only the downloads but the uploads too

AllowRetrieveRestart		on

AllowStoreRestart		on

# To prevent DoS attacks, set the maximum number of child processes

# to 30.  If you need to allow more than 30 concurrent connections

# at once, simply increase this value.  Note that this ONLY works

# in standalone mode, in inetd mode you should use an inetd server

# that allows you to limit maximum number of processes per service

# (such as xinetd)

MaxInstances			20

# Set the user and group that the server normally runs at.

User				nobody

Group				nobody

# This is where we want to put the pid file

ScoreboardFile			/var/run/proftpd.score

# Normally, we want users to do a few things.

<Global>

  AllowOverwrite		yes

  <Limit ALL SITE_CHMOD>

    AllowAll

  </Limit>

</Global>

# Define the log formats

LogFormat			default	"%h %l %u %t \"%r\" %s %b"

LogFormat			auth	"%v [%P] %h %t \"%r\" %s"

# TLS

# Explained at http://www.castaglia.org/proftpd/modules/mod_tls.html

#TLSEngine			on

#TLSRequired			on

#TLSRSACertificateFile		/usr/share/ssl/certs/proftpd.pem

#TLSRSACertificateKeyFile	/usr/share/ssl/certs/proftpd.pem

#TLSCipherSuite			ALL:!ADH:!DES

#TLSOptions			NoCertRequest

#TLSVerifyClient		off

##TLSRenegotiate		ctrl 3600 data 512000 required off timeout 300

#TLSLog				/var/log/proftpd/tls.log

# A basic anonymous configuration, with an upload directory.

#<Anonymous ~ftp>

#  User				ftp

#  Group				ftp

#  AccessGrantMsg		"Anonymous login ok, restrictions apply."

#

#  # We want clients to be able to login with "anonymous" as well as "ftp"

#  UserAlias			anonymous ftp

#

#  # Limit the maximum number of anonymous logins

#  MaxClients			10 "Sorry, max %m users -- try again later"

#

#  # Put the user into /pub right after login

#  #DefaultChdir			/pub

#

#  # We want 'welcome.msg' displayed at login, '.message' displayed in

#  # each newly chdired directory and tell users to read README* files. 

#  DisplayLogin			/welcome.msg

#  DisplayFirstChdir		.message

#  DisplayReadme			README*

#

#  # Some more cosmetic and not vital stuff

#  DirFakeUser			on ftpadm

#  DirFakeGroup			on ftpadm

#

#  # Limit WRITE everywhere in the anonymous chroot

#  <Limit WRITE SITE_CHMOD>

#    DenyAll

#  </Limit>

#

#  # An upload directory that allows storing files but not retrieving

#  # or creating directories.

#  <Directory uploads/*>

#    AllowOverwrite		no

#    <Limit READ>

#      DenyAll

#    </Limit>

#

#    <Limit STOR>

#      AllowAll

#    </Limit>

#  </Directory>

#

#  # Don't write anonymous accesses to the system wtmp file (good idea!)

#  WtmpLog			off

#

#  # Logging for the anonymous transfers

#  ExtendedLog		/var/log/proftpd/access.log WRITE,READ default

#  ExtendedLog		/var/log/proftpd/auth.log AUTH auth

#

#</Anonymous>