From 0fb5f17dc10db4c2f613d712448353cdd541acbf Mon Sep 17 00:00:00 2001 From: Marcin Krol Date: Thu, 10 Jan 2019 09:20:55 +0000 Subject: [PATCH] - better default configuration --- proftpd.conf | 125 +++++++++++++++++++++++++++++---------------------- proftpd.spec | 2 +- 2 files changed, 72 insertions(+), 55 deletions(-) diff --git a/proftpd.conf b/proftpd.conf index 9f00ce8..2081c58 100644 --- a/proftpd.conf +++ b/proftpd.conf @@ -1,73 +1,90 @@ -# $Id$ - -ServerName "ProFTPD" +# Set the mode proftpd runs in ServerType standalone -DeferWelcome off -DefaultServer on -#IdentLookups off -#UseReverseDNS off -# Set to off if you use NSS LDAP, NIS, etc. -#PersistentPasswd off +# Set the message displayed on connect +ServerIdent on "FTP server ready" -# If you want .message files to work with browsers, you probably -# want to uncomment the next line -#MultilineRFC2228 on +# Sets the maximum number of child processes to be spawned +MaxInstances 30 + +# Make this configuration default one +DefaultServer on -# Port 21 is the standard FTP port. +# Bind to specified IP addresses +SocketBindTight off + +# Set the port proftpd will listen on Port 21 -# Umask 022 is a good standard umask to prevent new dirs and files -# from being group and world writable. -Umask 022 -# Set the user and group that the server normally runs at. -User ftp -Group ftp +# Apply global configuration directives + + # Set the user the daemon will run as + User ftp -#RequireValidShell off + # Set the group the server normally runs as + Group nobody -# use separate auth files instead of system auth -#AuthUserFile /etc/ftpd/passwd -#AuthGroupFile /etc/ftpd/group + # Set the default umask + Umask 022 -# Normally, we want files to be overwriteable. - - AllowOverwrite on - + # Don't show welcome message until user has authenticated + DeferWelcome off -# lock users to their homedir -DefaultRoot ~ + # Toggle ident lookups + IdentLookups off -# allow resume uploads and downloads -AllowRetrieveRestart on -AllowStoreRestart on + # Toggle rDNS lookups + UseReverseDNS on -# enable this to have your ftp server FXP gateway. -# only enable this if you trust your users as it allows your ftp server to connect anywhere. -# DO NOT enable this if you have anonymous logins enabled! -#AllowForeignAddress on + # Allow connections based on /etc/shells + RequireValidShell on -# NAT support -# http://www.castaglia.org/proftpd/doc/contrib/ProFTPD-mini-HOWTO-NAT.html -#MasqueradeAddress my.domain.com -#PassivePorts 60000 65535 + # Allow clients to resume downloads + AllowRetrieveRestart on -#UseIPv6 off + # Allow clients to resume uploads + AllowStoreRestart on -# Do not announce server software at logon. for paranoids. -#ServerIdent off + # Enable files to be overwritten + AllowOverwrite on -# To prevent DoS attacks, set the maximum number of child processes -# to 30. If you need to allow more than 30 concurrent connections -# at once, simply increase this value. Note that this ONLY works -# in standalone mode, in inetd mode you should use an inetd server -# that allows you to limit maximum number of processes per service -# (such as xinetd). -MaxInstances 30 + # Sets how many password attempts are allowed before disconnection + MaxLoginAttempts 3 + + # Specify alternate passwd/group files to be used + #AuthUserFile /etc/ftpd/passwd + #AuthGroupFile /etc/ftpd/group + + # Set the default method of data transfer + DefaultTransferMode binary + + # Specify the ftp-data port range to be used + PassivePorts 57000 60000 + + # Sets the idle connection timeout + TimeoutIdle 300 + + # Sets the login timeout + TimeoutLogin 120 + + # Sets the timeout on stalled data transfers + TimeoutStalled 300 + + # Sets the connection without transfer timeout + TimeoutNoTransfer 300 + + # Configure options used when listing directories + ListOptions "-a" + + # Lock users in their home directory + DefaultRoot ~ + + # Specify proftpd logfile + ExtendedLog /var/log/ftp.log -# Idle -TimeoutLogin 300 -TimeoutNoTransfer 300 + # Specify transfer log + TransferLog /var/log/ftp.xfer.log + -# Load additional (modules) config +# Load additional config files (modules etc.) Include /etc/ftpd/conf.d/*.conf diff --git a/proftpd.spec b/proftpd.spec index e912b27..2c5b423 100644 --- a/proftpd.spec +++ b/proftpd.spec @@ -24,7 +24,7 @@ Summary(pt_BR.UTF-8): Servidor FTP profissional, com sintaxe de configuração s Summary(zh_CN.UTF-8): 易于管理的,安全的 FTP 服务器 Name: proftpd Version: 1.3.6 -Release: 2 +Release: 2.1 Epoch: 2 License: GPL v2+ Group: Networking/Daemons -- 2.46.0