LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices

Reply
 
Search this Thread
Old 12-05-2004, 09:39 PM   #1
tw001_tw
Member
 
Registered: Mar 2003
Location: St. Louis, MO
Distribution: kubuntu-current
Posts: 551
Blog Entries: 4

Rep: Reputation: 31
please doublecheck my proftpd.conf


Hello one and all.

I'm setting up proftpd to be used JUST from my computer to my server. I don't want
any other computer on the network OR from the 'outside' to be allowed in.
I created an account on the server for me to use, and that is commented out in
the /etc/ftpusers file. root, and ftp are uncommented.

Here is my proftpd.conf file. Any suggestions to make it better or more secure?




Code:
# MY proftpd.conf 

# Global stuff
ServerName			"ProFTPD is used for this ftp"
# ServerType			standalone
ServerType			inetd
DefaultServer			on
Port				21
Umask				022
TimeoutIdle                    1200 
MaxInstances			1
SystemLog			/var/log/proftpd.log
TransferLog			/var/log/xferlog
MaxClients			1
DisplayLogin			welcome.msg
DisplayFirstChdir		.message

<Limit LOGIN>
order Allow,Deny
Allow from 192.168.1.100
Deny from all
</Limit>

# Allow overwriting of files?
<Directory /*>
  AllowOverwrite		off
</Directory>

# Allow reading of incoming
<Directory /home/ftp/incoming/*>
 <Limit READ>
    Order allow,deny
    Allow from 192.168.1.100
    DenyAll
 </Limit>


# Deny write access from all except trusted hosts
<Limit WRITE>
  Order     allow,deny
  Allow     from 192.168.1.100
  Deny      from all
</Limit>

Thanks in advance
-tw

P.S. - it appears to be working, but I can't read the incoming directory.
please advise.

Last edited by tw001_tw; 12-05-2004 at 09:43 PM.
 
Old 12-06-2004, 01:06 AM   #2
Cerbere
Member
 
Registered: Dec 2002
Location: California
Distribution: Slackware & LFS
Posts: 799

Rep: Reputation: 33
Re: please doublecheck my proftpd.conf

Quote:
Originally posted by tw001_tw
Code:
# Allow reading of incoming
<Directory /home/ftp/incoming/*>
 <Limit READ>
    Order allow,deny
    Allow from 192.168.1.100
    DenyAll
 </Limit>
P.S. - it appears to be working, but I can't read the incoming directory.
please advise. [/B]
The 'DenyAll' in this section needs to be changed to 'Deny from all', or at least to 'Deny all'. The DenyAll directive is more stringent than 'Deny from all', and has higher precedence than the Allow directive.

BTW you may want to close port 21 to all but 192.168.1.100 using iptables, just to be sure.

Enjoy!
--- Cerbere
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
help needed with proftpd.conf file? sebasjuh Mandriva 1 10-11-2004 10:26 AM
help explaining proftpd.conf file freekain Linux - Newbie 5 06-14-2004 09:08 AM
proftpd.conf question axis Linux - Networking 1 07-18-2003 01:16 AM
Another ProFTPD conf file? KillerCheeto Linux - Newbie 1 04-25-2003 12:28 AM
proftpd --- need help? could someone post a working proftpd.conf i could look at ZooRoPa Linux - Networking 1 04-02-2003 07:56 PM


All times are GMT -5. The time now is 10:46 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration