The configuration below locks the PlcmSpIp user into only logging in to the FTP server only from the local network and locahost.
ServerName "FTP Server" ServerType standalone DefaultServer on # Port 21 is the standard FTP port. Port 21 # Umask 022 is a good standard umask to prevent new dirs and files # from being group and world writable. Umask 022 # To prevent DoS attacks, set the maximum number of child processes # to 30. If you need to allow more than 30 concurrent connections # at once, simply increase this value. Note that this ONLY works # in standalone mode, in inetd mode you should use an inetd server # that allows you to limit maximum number of processes per service # (such as xinetd). MaxInstances 30 # Set the user and group under which the server will run. User nobody Group nobody RequireValidShell off # To cause every FTP user to be "jailed" (chrooted) into their home # directory, uncomment this line. DefaultRoot ~ # Normally, we want files to be overwriteable. AllowOverwrite on # Bar use of SITE CHMOD by default <Limit SITE_CHMOD> DenyAll </Limit> <Class localnet> From 127.0.0.0/8 From 192.168.172.0/24 </Class> <IfUser PlcmSpIp> <Limit LOGIN> AllowClass localnet DenyAll </Limit> </IfUser>