# This sample configuration file illustrates configuring two # anonymous directories, and a guest (same thing as anonymous but # requires a valid password to login) ServerName "ProFTPD Anonymous Server" ServerType standalone # Port 21 is the standard FTP port. Port 21 # If you don't want normal users logging in at all, uncomment this # next section # # DenyAll # # Set the user and group that the server normally runs at. User nobody Group nogroup # To prevent DoS attacks, set the maximum number of child processes # to 30. If you need to allow more than 30 concurrent connections # at once, simply increase this value. Note that this ONLY works # in standalone mode, in inetd mode you should use an inetd server # that allows you to limit maximum number of processes per service # (such as xinetd) MaxInstances 30 # Set the maximum number of seconds a data connection is allowed # to "stall" before being aborted. TimeoutStalled 300 # We want 'welcome.msg' displayed at login, and '.message' displayed # in each newly chdired directory. DisplayLogin welcome.msg DisplayFirstChdir .message # Our "basic" anonymous configuration, including a single # upload directory ("uploads") # Allow logins if they are disabled above. AllowAll # Maximum clients with message MaxClients 5 "Sorry, max %m users -- try again later" User ftp Group ftp # We want clients to be able to login with "anonymous" as well as "ftp" UserAlias anonymous ftp # Limit WRITE everywhere in the anonymous chroot DenyAll # An upload directory that allows storing files but not retrieving # or creating directories. DenyAll AllowAll # A second anonymous ftp section. Users can login as "private". Here # we hide files owned by root from being manipulated in any way. User bobf Group users UserAlias private bobf UserAlias engineering bobf # Deny access from *.evil.net and *.otherevil.net, but allow # all others. Order deny,allow Deny from .evil.net, .otherevil.net Allow from all # We want all uploaded files to be owned by 'engdept' group and # group writable. GroupOwner engdept Umask 006 # Hide all files owned by user 'root' HideUser root DenyAll # Disallow clients from any access to hidden files. IgnoreHidden on # Permit uploading and creation of new directories in # submissions/public DenyAll IgnoreHidden on AllowAll IgnoreHidden on # The last anonymous example creates a "guest" account, which clients # can authenticate to only if they know the user's password. User guest Group nobody AnonRequirePassword on AllowAll # Deny write access from all except trusted hosts. Order allow, deny Allow from 10.0.0. Deny from all