142 lines
3.3 KiB
Plaintext
142 lines
3.3 KiB
Plaintext
# This sample configuration file illustrates configuring two
|
|
# anonymous directories, and a guest (same thing as anonymous but
|
|
# requires a valid password to login)
|
|
|
|
ServerName "ProFTPD Anonymous Server"
|
|
ServerType standalone
|
|
|
|
# Port 21 is the standard FTP port.
|
|
Port 21
|
|
|
|
# If you don't want normal users logging in at all, uncomment this
|
|
# next section
|
|
#<Limit LOGIN>
|
|
# DenyAll
|
|
#</Limit>
|
|
|
|
# Set the user and group that the server normally runs at.
|
|
User nobody
|
|
Group nogroup
|
|
|
|
# To prevent DoS attacks, set the maximum number of child processes
|
|
# to 30. If you need to allow more than 30 concurrent connections
|
|
# at once, simply increase this value. Note that this ONLY works
|
|
# in standalone mode, in inetd mode you should use an inetd server
|
|
# that allows you to limit maximum number of processes per service
|
|
# (such as xinetd)
|
|
MaxInstances 30
|
|
|
|
# Set the maximum number of seconds a data connection is allowed
|
|
# to "stall" before being aborted.
|
|
TimeoutStalled 300
|
|
|
|
# We want 'welcome.msg' displayed at login, and '.message' displayed
|
|
# in each newly chdired directory.
|
|
DisplayLogin welcome.msg
|
|
DisplayChdir .message
|
|
|
|
# Our "basic" anonymous configuration, including a single
|
|
# upload directory ("uploads")
|
|
<Anonymous ~ftp>
|
|
|
|
# Allow logins if they are disabled above.
|
|
<Limit LOGIN>
|
|
AllowAll
|
|
</Limit>
|
|
|
|
# Maximum clients with message
|
|
MaxClients 5 "Sorry, max %m users -- try again later"
|
|
|
|
User ftp
|
|
Group ftp
|
|
# We want clients to be able to login with "anonymous" as well as "ftp"
|
|
UserAlias anonymous ftp
|
|
|
|
# Limit WRITE everywhere in the anonymous chroot
|
|
<Limit WRITE>
|
|
DenyAll
|
|
</Limit>
|
|
|
|
# An upload directory that allows storing files but not retrieving
|
|
# or creating directories.
|
|
<Directory uploads/*>
|
|
<Limit READ>
|
|
DenyAll
|
|
</Limit>
|
|
|
|
<Limit STOR>
|
|
AllowAll
|
|
</Limit>
|
|
</Directory>
|
|
</Anonymous>
|
|
|
|
# A second anonymous ftp section. Users can login as "private". Here
|
|
# we hide files owned by root from being manipulated in any way.
|
|
|
|
<Anonymous /usr/local/private>
|
|
User bobf
|
|
Group users
|
|
UserAlias private bobf
|
|
UserAlias engineering bobf
|
|
|
|
# Deny access from *.evil.net and *.otherevil.net, but allow
|
|
# all others.
|
|
<Limit LOGIN>
|
|
Order deny,allow
|
|
Deny from .evil.net, .otherevil.net
|
|
Allow from all
|
|
</Limit>
|
|
|
|
# We want all uploaded files to be owned by 'engdept' group and
|
|
# group writable.
|
|
GroupOwner engdept
|
|
Umask 006
|
|
|
|
# Hide all files owned by user 'root'
|
|
HideUser root
|
|
|
|
<Limit WRITE>
|
|
DenyAll
|
|
</Limit>
|
|
|
|
# Disallow clients from any access to hidden files.
|
|
<Limit READ DIRS>
|
|
IgnoreHidden on
|
|
</Limit>
|
|
|
|
# Permit uploading and creation of new directories in
|
|
# submissions/public
|
|
|
|
<Directory submissions/public>
|
|
<Limit READ>
|
|
DenyAll
|
|
IgnoreHidden on
|
|
</Limit>
|
|
|
|
<Limit STOR MKD RMD XMKD XRMD>
|
|
AllowAll
|
|
IgnoreHidden on
|
|
</Limit>
|
|
</Directory>
|
|
</Anonymous>
|
|
|
|
# The last anonymous example creates a "guest" account, which clients
|
|
# can authenticate to only if they know the user's password.
|
|
|
|
<Anonymous ~guest>
|
|
User guest
|
|
Group nobody
|
|
AnonRequirePassword on
|
|
|
|
<Limit LOGIN>
|
|
AllowAll
|
|
</Limit>
|
|
|
|
# Deny write access from all except trusted hosts.
|
|
<Limit WRITE>
|
|
Order allow, deny
|
|
Allow from 10.0.0.
|
|
Deny from all
|
|
</Limit>
|
|
</Anonymous>
|