-# This is a basic ProFTPD configuration file (rename it to
-# 'proftpd.conf' for actual use. It establishes a single server
-# and a single anonymous login. It assumes that you have a user/group
-# "nobody" and "ftp" for normal operation and anon.
+# $Id$
-ServerName "ProFTPD"
-ServerIdent off
-ServerType inetd
-DeferWelcome off
-DefaultServer on
+ServerName "ProFTPD"
+ServerType standalone
+DeferWelcome off
+DefaultServer on
+#IdentLookups off
+#UseReverseDNS off
# If you want .message files to work with browsers, you probably
# want to uncomment the next line
-#MultilineRFC2228 on
-
-# TCPD configuration
-TCPServiceName ftp
-#TCPAccessFiles None
-#TCPAccessSyslogLevels info warn
-#TCPGroupAccessFiles None
-#TCPUserAccessFiles None
-
-# These are the TLS related options, default values
-#TLSEngine off
-#TLSProtocol SSLv23
-#TLSCipherSuite ALL:!ADH
-#TLSRSACertificateFile None
-#TLSRSACertificateKeyFile None
-#TLSDSACertficateFile None
-#TLSDSACertificateKeyFile None
-#TLSCACertificateFile None
-#TLSCACertificatePath None
-#TLSCARevocationFile None
-#TLSCARevocationPath None
-#TLSCertificateChainFile None
-#TLSDHParamFile None
-#TLSLog None
-#TLSOptions None
-#TLSRandomSeed openssl-dir/.rnd
-#TLSRenegotiate None
-#TLSRequired None
-#TLSTimeoutHandshake 300
-#TLSVerifyClient None
-#TLSVerifyDepth 9
+#MultilineRFC2228 on
# Port 21 is the standard FTP port.
-Port 21
+Port 21
# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
-Umask 022
+Umask 022
# Set the user and group that the server normally runs at.
-User ftp
-Group ftp
+User ftp
+Group ftp
-# use PAM authoritative
-AuthPAMAuthoritative on
+#RequireValidShell off
+
+# use separate auth files instead of system auth
+#AuthUserFile /etc/ftpd/passwd
+#AuthGroupFile /etc/ftpd/group
# Normally, we want files to be overwriteable.
<Directory />
- AllowOverwrite on
+ AllowOverwrite on
</Directory>
-#A basic anonymous configuration
-# uncoment this section below if you want gain annonymous ftp acces
-<Anonymous ~ftp>
- User ftp
- Group ftp
- AnonRequirePassword off
- RequireValidShell off
-
- # We want clients to be able to login with "anonymous" as well as "ftp"
- UserAlias anonymous ftp
-
- # Limit the maximum number of anonymous logins
- MaxClients 10
-
- # We want 'welcome.msg' displayed at login, and '.message' displayed
- # in each newly chdired directory.
- DisplayLogin welcome.msg
- DisplayFirstChdir .message
-
- AllowStoreRestart on
-
- # Limit WRITE everywhere in the anonymous chroot
- <Limit WRITE>
- DenyAll
- </Limit>
-
-# <Directory /home/services/ftp/pub/Incoming>
-# <Limit READ>
-# DenyAll
-# </Limit>
-# <Limit WRITE>
-# AllowAll
-# </Limit>
-# <Limit STOR>
-# AllowAll
-# </Limit>
-# </Directory>
-</Anonymous>
+# lock users to their homedir
+DefaultRoot ~
+
+# allow resume uploads and downloads
+AllowRetrieveRestart on
+AllowStoreRestart on
+
+# enable this to have your ftp server FXP gateway.
+# only enable this if you trust your users as it allows your ftp server to connect anywhere.
+# DO NOT enable this if you have anonymous logins enabled!
+#AllowForeignAddress on
+
+# NAT support
+# http://www.castaglia.org/proftpd/doc/contrib/ProFTPD-mini-HOWTO-NAT.html
+#MasqueradeAddress my.domain.com
+#PassivePorts 60000 65535
+
+#UseIPv6 off
+
+# Do not announce server software at logon. for paranoids.
+#ServerIdent off
+
+# To prevent DoS attacks, set the maximum number of child processes
+# to 30. If you need to allow more than 30 concurrent connections
+# at once, simply increase this value. Note that this ONLY works
+# in standalone mode, in inetd mode you should use an inetd server
+# that allows you to limit maximum number of processes per service
+# (such as xinetd).
+MaxInstances 30
+
+# Idle
+TimeoutLogin 300
+TimeoutNoTransfer 300
+
+# Load additional (modules) config
+Include /etc/ftpd/conf.d/*.conf