Home
Download
Support
Forum
Sitemap
Impressum
proftpd.conf
   7.4 K

# Universelles Muster einer proftpd.conf

#

# Diese Konfigurationsdatei ist fuer den Standard-ProFTPD

# als auch mit eincompilierten mySQL- und TLS-Support.

# Einzelne Direktiven oder ganze Bereiche wurden durch ein

# Kommentarzeichen ("#") deaktivert und sind bei Bedarf

# wieder einfach zu reaktivieren.

#

# Dies ist nur ein Muster und entsprechend anzupassen -

# eine Garantie gleich jedwelcher Art ist ausgeschlossen.

#

# 2006 Volker Gass

 

 

ServerType standalone

PidFile /var/run/proftpd.pid

 

MaxInstances 30

MaxConnectionRate 4

SocketBindTight off

UseReverseDNS off

 

RootRevoke on

DefaultServer on

MultilineRFC2228 on

 

<IfModule mod_delay.c>

DelayEngine off

DelayTable var/run/proftpd/proftpd.delay

</IfModule>

 

<IfModule mod_tls.c>

TLSProtocol SSLv23

</IfModule>

 

# Log-Formate definieren

SystemLog NONE

LogFormat default "%h %l %u %t \"%r\" %s %b"

LogFormat auth "%v [%P] %h %t \"%r\" %s"

LogFormat write "%h %l %u %t \"%r\" %s %b"

 

 

 

# --------------------------------------------

# globale Settings

# --------------------------------------------

 

<Global>

User nobody

Group nogroup

 

 

# --------------------------------------------

# Login

# --------------------------------------------

 

ServerIdent on "FTP server ready."

DeferWelcome on

DisplayConnect /etc/proftpd.msg

 

IdentLookups off

UseFtpUsers off

RequireValidShell off

 

TimeoutLogin 60

MaxLoginAttempts 3

MaxClientsPerHost 3

 

 

# --------------------------------------------

# Authentifikation: Standard

# --------------------------------------------

 

<IfModule !mod_sql.c>

AuthOrder mod_auth_unix.c

 

<Limit LOGIN>

DenyGroup !ftpuser

</Limit>

</IfModule>

 

 

# --------------------------------------------

# Authentifikation per SQL

# --------------------------------------------

 

<IfModule mod_sql.c>

AuthOrder mod_sql.c

 

SQLConnectInfo db@localhost sqluser pass

SQLUserInfo ftp userid passwd uid gid homedir NULL

SQLAuthTypes Plaintext

SQLAuthenticate users

SQLMinUserUID 1024

SQLMinUserGID 555

SQLNegativeCache on

</IfModule>

 

 

# --------------------------------------------

# TLS Standards

# --------------------------------------------

 

<IfModule mod_tls.c>

TLSEngine off

TLSTimeoutHandshake 60

TLSRequired off

TLSVerifyClient off

 

TLSOptions NoCertRequest

TLSLog /var/log/proftpd/tls.log

 

# TLSCACertificateFile /etc/ssl/certs/CA.cert # CA-Cert optional

</IfModule>

 

 

# --------------------------------------------

# Post-Login, Timeouts

# --------------------------------------------

 

PassivePorts 49152 65534

 

DisplayLogin welcome.msg

DisplayFirstChdir .message

AllowOverride off

 

TimeoutIdle 600 # Inaktivitaet

TimeoutNoTransfer 3600 # keine Datenuebertragung (Listing, File, ...)

TimeoutStalled 300 # haengende Datenuebertragung

TimeoutSession 7200 # Gesamtdauer einer Session

 

 

# --------------------------------------------

# Session

# --------------------------------------------

 

DefaultRoot ~

 

DenyFilter \*.*/

ListOptions "-An +R" strict

UseGlobbing off

 

ShowSymlinks on

TimesGMT on

 

 

# --------------------------------------------

# Up- & Download

# --------------------------------------------

 

AllowOverwrite on

AllowRetrieveRestart on

HiddenStores on

DeleteAbortedStores on

AllowStoreRestart off # widerspricht sonst "DeleteAbortedStores"

 

 

# --------------------------------------------

# Datei & Verzeichnis

# --------------------------------------------

 

Umask 0017 0007

 

 

### hierher alle <Directory>-Bloecke

 

 

# --------------------------------------------

# Anonymous FTP

# --------------------------------------------

 

# <Anonymous /home/ftp>

# User ftp

# Group ftpuser

# UserAlias anonymous ftp

#

# MaxClients 5 # weniger anonymous-User als Reg.User

# MaxRetrieveFileSize 512 Mb # max. Downloadgroesse

#

# # Geschwindigkeit von Up/Downloads

# # auf 255 K/sec. beschraenken

# TransferRate APPE,RETR,STOR,STOU 255

#

# <Directory *>

# HideNoAccess on

# <Limit WRITE>

# DenyAll

# IgnoreHidden on

# </Limit>

# </Directory>

# </Anonymous>

 

 

# --------------------------------------------

# Logging

# --------------------------------------------

 

WtmpLog off

TransferLog /var/log/proftpd/xferlog

 

# Record all logins

ExtendedLog /var/log/proftpd/auth.log AUTH auth

 

# Logging file/dir access

ExtendedLog /var/log/proftpd/access.log WRITE,READ write

 

# Paranoia logging level....

ExtendedLog /var/log/proftpd/paranoid.log ALL default

 

# fuer Debug: alle modMySQL Kommentare (Datenmenge immens!)

#SQLLogFile /var/log/proftpd/sql.log

</Global>

 

 

# --------------------------------------------

# Standard-Server

# --------------------------------------------

 

DefaultAddress 192.168.1.100

ServerName meinserver.tld

ServerAdmin hostmaster@meinserver.tld

# MasqueradeAddress meinserver.dyndns.org

 

<IfModule mod_tls.c>

TLSEngine on

TLSRSACertificateFile /etc/ssl/certs/meinserver.tld.cert

TLSRSACertificateKeyFile /etc/ssl/certs/meinserver.tld.key

</IfModule>

 

 

# --------------------------------------------

# Virtuelle Hosts...

# --------------------------------------------

 

<VirtualHost 192.168.1.101>

ServerName server2.meinserver.tld

ServerAdmin hostmaster@meinserver.tld

 

<IfModule mod_tls.c>

TLSEngine on

TLSRSACertificateFile /etc/ssl/certs/server2.meinserver.tld.cert

TLSRSACertificateKeyFile /etc/ssl/certs/server2.meinserver.tld.key

</IfModule>

</VirtualHost>