# This is the ProFTPD configuration file # # See: http://www.proftpd.org/docs/directives/linked/by-name.html # Server Config - config used for anything outside a or context # See: http://www.proftpd.org/docs/howto/Vhost.html ServerName "ProFTPD server" ServerIdent on "FTP Server ready." ServerAdmin root@localhost DefaultServer on DefaultRoot ~ # Don't do reverse DNS lookups (hangs on DNS problems) UseReverseDNS off # Set the user and group that the server runs as User nobody Group nobody # To prevent DoS attacks, set the maximum number of child processes # to 20. If you need to allow more than 20 concurrent connections # at once, simply increase this value. Note that this ONLY works # in standalone mode; in inetd mode you should use an inetd server # that allows you to limit maximum number of processes per service # (such as xinetd) MaxInstances 20 # Disable sendfile by default since it breaks displaying the download speeds in # ftptop and ftpwho UseSendfile off # Define the log formats LogFormat default "%h %l %u %t \"%r\" %s %b" LogFormat auth "%v [%P] %h %t \"%r\" %s" # Dynamic ban lists (http://www.proftpd.org/docs/contrib/mod_ban.html) # Enable this with PROFTPD_OPTIONS=-DDYNAMIC_BAN_LISTS in /etc/sysconfig/proftpd LoadModule mod_ban.c BanEngine on BanLog /var/log/proftpd/ban.log BanTable /var/run/proftpd/ban.tab # If the same client reaches the MaxLoginAttempts limit 2 times # within 10 minutes, automatically add a ban for that client that # will expire after one hour. BanOnEvent MaxLoginAttempts 2/00:10:00 01:00:00 # Allow the FTP admin to manually add/remove bans BanControlsACLs all allow user ftpadm # Global Config - config common to Server Config and all virtual hosts # See: http://www.proftpd.org/docs/howto/Vhost.html # Umask 022 is a good standard umask to prevent new dirs and files # from being group and world writable Umask 022 # Allow users to overwrite files and change permissions AllowOverwrite yes AllowAll LoadModule mod_sql.c LoadModule mod_sql_mysql.c # The passwords in MySQL are encrypted using CRYPT SQLAuthTypes OpenSSL Crypt SQLAuthenticate users groups SQLConnectInfo [[[REPLACE_WITH_DATABASE_NAME]]]@[[[REPLACE_WITH_DATABASE_HOST]]] [[[REPLACE_WITH_DATABASE_USER]]] [[[REPLACE_WITH_DATABASE_PASS]]] # Here we tell ProFTPd the names of the database columns in the "usertable" # we want it to interact with. Match the names with those in the db SQLUserInfo plugin_ftp_proftpd_user user_id passwd uid gid home_dir shell # Here we tell ProFTPd the names of the database columns in the "grouptable" # we want it to interact with. Again the names match with those in the db SQLGroupInfo plugin_ftp_proftpd_group group_name gid members # set min UID and GID - otherwise these are 999 each SQLMinID 500 # Update count every time user logs in SQLLog PASS updatecount SQLNamedQuery updatecount UPDATE "count=count+1, accessed=now() WHERE user_id='%u'" plugin_ftp_proftpd_user # Update modified everytime user uploads or deletes a file SQLLog STOR,DELE modified SQLNamedQuery modified UPDATE "modified=now() WHERE user_id='%u'" plugin_ftp_proftpd_user SqlLogFile /var/log/proftpd/sql.log RootLogin off RequireValidShell off # auto create home CreateHome on 711