# this is a ProFTPD configuration file.  It is configured to provide
# backwards compatability with aftpd. Changes to this file can be
# made, but please be sure you know what you're doing.
#
# see official ProFTPD documentation at <http://www.proftpd.org/>
#

# normal stuff
ServerName			"ProFTPD-TLS"
ServerType			inetd
ServerIdent			Off
DefaultServer			On
DefaultRoot			~ !wheel
AllowForeignAddress		On
AuthOrder			mod_auth_pam.c* mod_auth_unix.c

UseReverseDNS			Off
RequireValidShell		Off
TimesGMT			Off
ListOptions			"-A"
DisplayConnect			"/etc/ftpbanner"
RootLogin on

# Use the IANA registered ephemeral port range
PassivePorts			 49152 65534

# Enable RFC2228 multiline response mode
MultilineRFC2228		On

# Port 21 is the standard FTP port.
Port				21
# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask				022

# Set the user and group that the server normally runs at.
User				nobody
Group				nogroup

# deny access to .ftpaccess files
PathDenyFilter			"\.ftpaccess$"

TLSEngine			On
TLSUseSSCert			On
#TLSLog				/var/log/proftp-tls-log

# Normally, we want files to be overwriteable.
<Directory /*>
  AllowOverwrite		On
  HideNoAccess			On
</Directory>

# A basic anonymous configuration, no upload directories.
# note that upload directories can be configured here or by
# using a .ftpaccess file in the directory you want affected.
<Anonymous ~ftp>
  User				ftp	
  Group				ftp

  AllowForeignAddress		on

  DirFakeUser			on
  DirFakeGroup			on

  # We want clients to be able to login with "anonymous" as well as "ftp"
  UserAlias			anonymous ftp

  # Limit the maximum number of anonymous logins
  MaxClients			10

  # We want '.welcome' displayed at login, and '.message' displayed
  # in each newly chdired directory.
  DisplayLogin			.welcome
  DisplayFirstChdir		.message

  # Limit WRITE everywhere in the anonymous chroot
  <Limit WRITE>
    DenyAll
  </Limit>

</Anonymous>