daily pastebin goal
51%
SHARE
TWEET

pure-ftpd.conf

tolikpunkoff Dec 9th, 2016 127 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1.  
  2. ############################################################
  3. #                                                          #
  4. #         Configuration file for pure-ftpd wrappers        #
  5. #                                                          #
  6. ############################################################
  7.  
  8. # If you want to run Pure-FTPd with this configuration  
  9. # instead of command-line options, please run the
  10. # following command :
  11. #
  12. # /usr/sbin/pure-config.pl /etc/pure-ftpd/pure-ftpd.conf
  13. #
  14. # Please don't forget to have a look at documentation at
  15. # http://www.pureftpd.org/documentation.shtml for a complete list of
  16. # options.
  17.  
  18. # Cage in every user in his home directory
  19.  
  20. ChrootEveryone              yes
  21.  
  22.  
  23.  
  24. # If the previous option is set to "no", members of the following group
  25. # won't be caged. Others will be. If you don't want chroot()ing anyone,
  26. # just comment out ChrootEveryone and TrustedGID.
  27.  
  28. # TrustedGID                    100
  29.  
  30.  
  31.  
  32. # Turn on compatibility hacks for broken clients
  33.  
  34. BrokenClientsCompatibility  no
  35.  
  36.  
  37.  
  38. # Maximum number of simultaneous users
  39.  
  40. MaxClientsNumber            50
  41.  
  42.  
  43.  
  44. # Fork in background
  45.  
  46. Daemonize                   yes
  47.  
  48.  
  49.  
  50. # Maximum number of sim clients with the same IP address
  51.  
  52. MaxClientsPerIP             8
  53.  
  54.  
  55.  
  56. # If you want to log all client commands, set this to "yes".
  57. # This directive can be duplicated to also log server responses.
  58.  
  59. VerboseLog                  yes
  60.  
  61.  
  62.  
  63. # List dot-files even when the client doesn't send "-a".
  64.  
  65. DisplayDotFiles             no
  66.  
  67.  
  68.  
  69. # Don't allow authenticated users - have a public anonymous FTP only.
  70.  
  71. AnonymousOnly               no
  72.  
  73.  
  74.  
  75. # Disallow anonymous connections. Only allow authenticated users.
  76.  
  77. NoAnonymous                 yes
  78.  
  79.  
  80.  
  81. # Syslog facility (auth, authpriv, daemon, ftp, security, user, local*)
  82. # The default facility is "ftp". "none" disables logging.
  83.  
  84. SyslogFacility              ftp
  85.  
  86.  
  87.  
  88. # Display fortune cookies
  89.  
  90. # FortunesFile              /usr/share/fortune/zippy
  91.  
  92.  
  93.  
  94. # Don't resolve host names in log files. Logs are less verbose, but
  95. # it uses less bandwidth. Set this to "yes" on very busy servers or
  96. # if you don't have a working DNS.
  97.  
  98. DontResolve                 yes
  99.  
  100.  
  101.  
  102. # Maximum idle time in minutes (default = 15 minutes)
  103.  
  104. MaxIdleTime                 15
  105.  
  106.  
  107.  
  108. # LDAP configuration file (see README.LDAP)
  109.  
  110. # LDAPConfigFile                /etc/pure-ftpd/pureftpd-ldap.conf
  111.  
  112.  
  113.  
  114. # MySQL configuration file (see README.MySQL)
  115.  
  116. # MySQLConfigFile               /etc/pure-ftpd/pureftpd-mysql.conf
  117.  
  118.  
  119. # Postgres configuration file (see README.PGSQL)
  120.  
  121. # PGSQLConfigFile               /etc/pure-ftpd/pureftpd-pgsql.conf
  122.  
  123.  
  124. # PureDB user database (see README.Virtual-Users)
  125.  
  126. PureDB                        /etc/pure-ftpd/pureftpd.pdb
  127.  
  128.  
  129. # Path to pure-authd socket (see README.Authentication-Modules)
  130.  
  131. # ExtAuth                       /var/run/ftpd.sock
  132.  
  133.  
  134.  
  135. # If you want to enable PAM authentication, uncomment the following line
  136.  
  137. # PAMAuthentication             yes
  138.  
  139.  
  140.  
  141. # If you want simple Unix (/etc/passwd) authentication, uncomment this
  142.  
  143. # UnixAuthentication            yes
  144.  
  145.  
  146.  
  147. # Please note that LDAPConfigFile, MySQLConfigFile, PAMAuthentication and
  148. # UnixAuthentication can be used only once, but they can be combined
  149. # together. For instance, if you use MySQLConfigFile, then UnixAuthentication,
  150. # the SQL server will be asked. If the SQL authentication fails because the
  151. # user wasn't found, another try # will be done with /etc/passwd and
  152. # /etc/shadow. If the SQL authentication fails because the password was wrong,
  153. # the authentication chain stops here. Authentication methods are chained in
  154. # the order they are given.
  155.  
  156.  
  157.  
  158. # 'ls' recursion limits. The first argument is the maximum number of
  159. # files to be displayed. The second one is the max subdirectories depth
  160.  
  161. LimitRecursion              10000 8
  162.  
  163.  
  164.  
  165. # Are anonymous users allowed to create new directories ?
  166.  
  167. AnonymousCanCreateDirs      no
  168.  
  169.  
  170.  
  171. # If the system is more loaded than the following value,
  172. # anonymous users aren't allowed to download.
  173.  
  174. MaxLoad                     4
  175.  
  176.  
  177.  
  178. # Port range for passive connections replies. - for firewalling.
  179.  
  180. PassivePortRange          30000 50000
  181.  
  182.  
  183.  
  184. # Force an IP address in PASV/EPSV/SPSV replies. - for NAT.
  185. # Symbolic host names are also accepted for gateways with dynamic IP
  186. # addresses.
  187.  
  188. # ForcePassiveIP                192.168.0.1
  189.  
  190.  
  191.  
  192. # Upload/download ratio for anonymous users.
  193.  
  194. # AnonymousRatio                1 10
  195.  
  196.  
  197.  
  198. # Upload/download ratio for all users.
  199. # This directive superscedes the previous one.
  200.  
  201. # UserRatio                 1 10
  202.  
  203.  
  204.  
  205. # Disallow downloading of files owned by "ftp", ie.
  206. # files that were uploaded but not validated by a local admin.
  207.  
  208. # AntiWarez                   yes
  209.  
  210.  
  211.  
  212. # IP address/port to listen to (default=all IP and port 21).
  213.  
  214. # Bind                      127.0.0.1,21
  215.  
  216.  
  217.  
  218. # Maximum bandwidth for anonymous users in KB/s
  219.  
  220. # AnonymousBandwidth            8
  221.  
  222.  
  223.  
  224. # Maximum bandwidth for *all* users (including anonymous) in KB/s
  225. # Use AnonymousBandwidth *or* UserBandwidth, both makes no sense.
  226.  
  227. # UserBandwidth             8
  228.  
  229.  
  230.  
  231. # File creation mask. <umask for files>:<umask for dirs> .
  232. # 177:077 if you feel paranoid.
  233.  
  234. Umask                       133:022
  235.  
  236.  
  237.  
  238. # Minimum UID for an authenticated user to log in.
  239.  
  240. MinUID                      100
  241.  
  242.  
  243.  
  244. # Allow FXP transfers for authenticated users.
  245.  
  246. AllowUserFXP                no
  247.  
  248.  
  249.  
  250. # Allow anonymous FXP for anonymous and non-anonymous users.
  251.  
  252. AllowAnonymousFXP           no
  253.  
  254.  
  255.  
  256. # Users can't delete/write files beginning with a dot ('.')
  257. # even if they own them. If TrustedGID is enabled, this group
  258. # will have access to dot-files, though.
  259.  
  260. ProhibitDotFilesWrite       no
  261.  
  262.  
  263.  
  264. # Prohibit *reading* of files beginning with a dot (.history, .ssh...)
  265.  
  266. ProhibitDotFilesRead        no
  267.  
  268.  
  269.  
  270. # Never overwrite files. When a file whose name already exist is uploaded,
  271. # it get automatically renamed to file.1, file.2, file.3, ...
  272.  
  273. AutoRename                  no
  274.  
  275.  
  276.  
  277. # Disallow anonymous users to upload new files (no = upload is allowed)
  278.  
  279. AnonymousCantUpload         no
  280.  
  281.  
  282.  
  283. # Only connections to this specific IP address are allowed to be
  284. # non-anonymous. You can use this directive to open several public IPs for
  285. # anonymous FTP, and keep a private firewalled IP for remote administration.
  286. # You can also only allow a non-routable local IP (like 10.x.x.x) to
  287. # authenticate, and keep a public anon-only FTP server on another IP.
  288.  
  289. #TrustedIP                  10.1.1.1
  290.  
  291.  
  292.  
  293. # If you want to add the PID to every logged line, uncomment the following
  294. # line.
  295.  
  296. #LogPID                     yes
  297.  
  298.  
  299.  
  300. # Create an additional log file with transfers logged in a Apache-like format :
  301. # fw.c9x.org - jedi [13/Dec/1975:19:36:39] "GET /ftp/linux.tar.bz2" 200 21809338
  302. # This log file can then be processed by www traffic analyzers.
  303.  
  304. # AltLog                     clf:/var/log/pureftpd.log
  305.  
  306.  
  307.  
  308. # Create an additional log file with transfers logged in a format optimized
  309. # for statistic reports.
  310.  
  311. # AltLog                     stats:/var/log/pureftpd.log
  312.  
  313.  
  314.  
  315. # Create an additional log file with transfers logged in the standard W3C
  316. # format (compatible with most commercial log analyzers)
  317.  
  318. # AltLog                     w3c:/var/log/pureftpd.log
  319.  
  320.  
  321.  
  322. # Disallow the CHMOD command. Users can't change perms of their files.
  323.  
  324. #NoChmod                     yes
  325.  
  326.  
  327.  
  328. # Allow users to resume and upload files, but *NOT* to delete them.
  329.  
  330. #KeepAllFiles                yes
  331.  
  332.  
  333.  
  334. # Automatically create home directories if they are missing
  335.  
  336. CreateHomeDir               yes
  337.  
  338.  
  339.  
  340. # Enable virtual quotas. The first number is the max number of files.
  341. # The second number is the max size of megabytes.
  342. # So 1000:10 limits every user to 1000 files and 10 Mb.
  343.  
  344. #Quota                       1000:10
  345.  
  346.  
  347.  
  348. # If your pure-ftpd has been compiled with standalone support, you can change
  349. # the location of the pid file. The default is /var/run/pure-ftpd.pid
  350.  
  351. PIDFile                     /var/run/pure-ftpd.pid
  352.  
  353.  
  354.  
  355. # If your pure-ftpd has been compiled with pure-uploadscript support,
  356. # this will make pure-ftpd write info about new uploads to
  357. # /var/run/pure-ftpd.upload.pipe so pure-uploadscript can read it and
  358. # spawn a script to handle the upload.
  359. # Don't enable this option if you don't actually use pure-uploadscript.
  360.  
  361. #CallUploadScript yes
  362.  
  363.  
  364.  
  365. # This option is useful with servers where anonymous upload is
  366. # allowed. As /var/ftp is in /var, it save some space and protect
  367. # the log files. When the partition is more that X percent full,
  368. # new uploads are disallowed.
  369.  
  370. #MaxDiskUsage               99
  371.  
  372.  
  373.  
  374. # Set to 'yes' if you don't want your users to rename files.
  375.  
  376. #NoRename                  yes
  377.  
  378.  
  379.  
  380. # Be 'customer proof' : workaround against common customer mistakes like
  381. # 'chmod 0 public_html', that are valid, but that could cause ignorant
  382. # customers to lock their files, and then keep your technical support busy
  383. # with silly issues. If you're sure all your users have some basic Unix
  384. # knowledge, this feature is useless. If you're a hosting service, enable it.
  385.  
  386. CustomerProof              yes
  387.  
  388.  
  389.  
  390. # Per-user concurrency limits. It will only work if the FTP server has
  391. # been compiled with --with-peruserlimits (and this is the case on
  392. # most binary distributions) .
  393. # The format is : <max sessions per user>:<max anonymous sessions>
  394. # For instance, 3:20 means that the same authenticated user can have 3 active
  395. # sessions max. And there are 20 anonymous sessions max.
  396.  
  397. # PerUserLimits            3:20
  398.  
  399.  
  400.  
  401. # When a file is uploaded and there is already a previous version of the file
  402. # with the same name, the old file will neither get removed nor truncated.
  403. # Upload will take place in a temporary file and once the upload is complete,
  404. # the switch to the new version will be atomic. For instance, when a large PHP
  405. # script is being uploaded, the web server will still serve the old version and
  406. # immediatly switch to the new one as soon as the full file will have been
  407. # transfered. This option is incompatible with virtual quotas.
  408.  
  409. # NoTruncate               yes
  410.  
  411.  
  412.  
  413. # This option can accept three values :
  414. # 0 : disable SSL/TLS encryption layer (default).
  415. # 1 : accept both traditional and encrypted sessions.
  416. # 2 : refuse connections that don't use SSL/TLS security mechanisms,
  417. #     including anonymous sessions.
  418. # Do _not_ uncomment this blindly. Be sure that :
  419. # 1) Your server has been compiled with SSL/TLS support (--with-tls),
  420. # 2) A valid certificate is in place,
  421. # 3) Only compatible clients will log in.
  422.  
  423. # TLS                      1
  424.  
  425.  
  426. # OpenSSL ciphers suite for TLS sessions.
  427. # Prefix with -C: in order to require valid client certificates.
  428. # If -C: is used, make sure that clients' public keys are installed
  429. # on the server.
  430. # SSL is disabled by default. TLS 1.0, 1.1 and 1.2 are availale by
  431. # default.
  432.  
  433. # TLSCipherSuite           HIGH
  434.  
  435.  
  436.  
  437. # Certificate file, for TLS
  438.  
  439. # CertFile                 /etc/ssl/private/pure-ftpd.pem
  440.  
  441.  
  442.  
  443. # Listen only to IPv4 addresses in standalone mode (ie. disable IPv6)
  444. # By default, both IPv4 and IPv6 are enabled.
  445.  
  446. IPV4Only                 yes
  447.  
  448.  
  449.  
  450. # Listen only to IPv6 addresses in standalone mode (ie. disable IPv4)
  451. # By default, both IPv4 and IPv6 are enabled.
  452.  
  453. # IPV6Only                 yes
  454.  
  455. # UTF-8 support for file names (RFC 2640)
  456. # Define charset of the server filesystem and optionnally the default charset
  457. # for remote clients if they don't use UTF-8.
  458. # Works only if pure-ftpd has been compiled with --with-rfc2640
  459.  
  460. # FileSystemCharset big5
  461. # ClientCharset     big5
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top