Proftpd-config

From My Notepad
Jump to: navigation, search

The configuration below locks the PlcmSpIp user into only logging in to the FTP server only from the local network and locahost.

ServerName                      "FTP Server"
ServerType      standalone
DefaultServer                   on

# Port 21 is the standard FTP port.
Port                            21

# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask                           022

# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd).
MaxInstances                    30

# Set the user and group under which the server will run.
User                            nobody
Group                           nobody
RequireValidShell               off

# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line.
DefaultRoot ~

# Normally, we want files to be overwriteable.
AllowOverwrite          on

# Bar use of SITE CHMOD by default
<Limit SITE_CHMOD>
  DenyAll
</Limit>

<Class localnet>
  From 127.0.0.0/8
  From 192.168.172.0/24
</Class>

<IfUser PlcmSpIp>
  <Limit LOGIN>
    AllowClass localnet
    DenyAll
  </Limit>
</IfUser>