# This sample configuration file illustrates configure standalone server
# at port 8041, anonymous and chrooting local users to their home-dir
ServerName "FTP Server"
ServerType standalone
ServerIdent off
DefaultServer on
#--lavr Port 21 is the standard FTP port, unwanted.
Port 0
#--lavr, bind to ip=159.93.17.121 and listen port=8041
#Bind 159.93.17.121
SocketBindTight on
Port 8021
# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask 022
#
# don't give the server banner until _after_ authentication
#
DeferWelcome off
# Set the user and group that the server normally runs at.
User nobody
Group nogroup
# If you don't want normal users logging in at all, uncomment this
# next section
#
# DenyAll
#
# for Anonymous
#DefaultRoot /pub/ftp/
#-lavr for chroot all user's to home-dir
DefaultRoot ~
# ScoreBoard Path
ScoreboardPath /var/run
#--lavr/pam
# uncomment AuthPAM to disable PAM auth
#AuthPAM off
#AuthPAMAuthoritative off
#--lavr, by default "AuthPAMConfig ftp", not ftpd!!!
#for FreeBSD:
#-------------------------- quote from /etc/pam.conf------------------------
#after insert to /etc/pam.conf, delete ONLY ONE "#" symbol from each line below
## Same requirement for ftpd as login
##--lavr, default for native ftpd daemon
##ftpd auth sufficient pam_skey.so
#ftpd auth requisite pam_cleartext_pass_ok.so
#ftpd auth required pam_unix.so try_first_pass
#
##--lavr, for proftpd pam-auth
#ftp auth required pam_unix.so try_first_pass
#ftp account required pam_unix.so try_first_pass
#ftp session required pam_permit.so
#-------------------------- end of quote ----------------------------------
#AuthPAMConfig proftpd, see proftpd auth at /etc/pam.conf
#PersistentPasswd off
#--lavr uncomment below for disable to check /etc/ftpusers
#UseFtpUsers off
# Maximum clients with message
MaxClients 3 "Sorry, max %m users -- try again later"
MaxClientsPerHost 1 "Sorry, you may not connect more than one time."
# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances 20
# Set the maximum number of seconds a data connection is allowed
# to "stall" before being aborted.
TimeoutStalled 300
TimeoutLogin 120
TimeoutIdle 600
TimeoutNoTransfer 900
# We want 'welcome.msg' displayed at login, and '.message' displayed
# in each newly chdired directory.
DisplayLogin welcome.msg
DisplayFirstChdir .message
#
# Logging options
#
SystemLog /var/log/proftpd/proftpd.log
TransferLog /var/log/proftpd/proftpd.log
ExtendedLog /var/log/proftpd/proftpd.log auth,read
#
# Some logging formats
#
LogFormat default "%h [%a] %l %u %t \"%r\" %s %f %b"
LogFormat auth "%v [%P] %h [%a] %t \"%r\" %s"
LogFormat read "%v [%P] %h [%a] %t \"%r\" %s %f %b"
LogFormat write "%h [%a] %l %u %t \"%r\" %s %f %b"
# Filter agains: ls */../*/../*/...
DenyFilter \*.*/
# Performance, let's do DNS resolution when we process the logs...
#--lavr uncomment below if login so slow
#UseReverseDNS off
#IdentLookups off
#--lavr already bind
#
AnonRequirePassword off
RequireValidShell off
UserAlias anonymous ftp
User ftp
Group operator
AccessGrantMsg "Anonymous access granted for %u."
MaxClients 2 "Sorry, max %m users -- try again later"
Order allow,deny
allow from 159.93.17., 62.84.100.
deny from all
#--lavr for allow access to All, remove above up to Limit
# AllowAll
#--lavr see above
#