# # Virtual Hosting Server Configuration # by M.Lowes <markl@ftech.net> # for Frontier Internet Services Limited # (http://www.ftech.net/) ServerName "Master Webserver" # Spawn from inetd? #ServerType inetd # or maybe a standalone server... ServerType standalone # don't give the server banner until _after_ authentication DeferWelcome off # Some basic defaults Port 21 Umask 002 TimeoutLogin 120 TimeoutIdle 600 TimeoutNoTransfer 900 TimeoutStalled 3600 # No, I don't think we'll run as root! User ftp Group ftp # This is a non-customer usable name, (i.e. they should be connecting via # www.{domain}) not 'hostname'. Therefore let's dump them in a dummy account # and wait for them to scream. DefaultRoot /web/Legacy/ # Performance, let's do DNS resolution when we process the logs... UseReverseDNS off # Where do we put the pid files? ScoreboardFile /var/run/proftpd.score # Logging options TransferLog /var/spool/syslog/proftpd/xferlog.legacy # Some logging formats LogFormat default "%h %l %u %t \"%r\" %s %b" LogFormat auth "%v [%P] %h %t \"%r\" %s" LogFormat write "%h %l %u %t \"%r\" %s %b" # Global settings <Global> DisplayLogin welcome.msg DisplayChdir readme # having to delete before uploading is a pain ;) AllowOverwrite yes # Turn off Ident lookups <IfModule mod_ident.c> IdentLookups off </IfModule> # Logging file/dir access ExtendedLog /var/spool/syslog/proftpd/access.log WRITE,READ write # Record all logins ExtendedLog /var/spool/syslog/proftpd/auth.log AUTH auth # Paranoia logging level.... #ExtendedLog /var/spool/syslog/proftpd/paranoid.log ALL default </Global> # Deny writing to the base server... <Limit WRITE> DenyAll </Limit> # -------------------------------------------- # Virtual Servers start here.... # -------------------------------------------- # # www.ftech.net. # This is the default server # Gets all the connections for www.{customer.domain}, & www.ftech.net <VirtualHost www.ftech.net> ServerAdmin webmaster@Ftech.net ServerName "Master Webserver" MaxLoginAttempts 2 RequireValidShell no TransferLog /var/spool/syslog/proftpd/xferlog.www MaxClients 50 DefaultServer on DefaultRoot ~ !staff AllowOverwrite yes # Not quickly do we kick someone out TimeoutLogin 120 TimeoutIdle 600 TimeoutNoTransfer 900 # -------------------------------------------- # Got a Frontpage customer who keeps breaking things???? # - stick 'em in group fpage # -------------------------------------------- <Directory ~/public_html> # Block them from doing anything other than reading... <Limit STOR RNFR DELE> DenyGroup fpage </Limit> </Directory> # ditto for ftp_root if it's there... <Directory ~/ftp_root> <Limit STOR RNFR DELE> DenyAll </Limit> </Directory> # Limit by IP... <Directory /web/zsl> <Limit ALL> Order Allow,Deny Allow 195.200.31.220 Allow 212.32.17.0/26 DenyAll </Limit> </Directory> </VirtualHost> # -------------------------------------------- # Legacy server, left in because some people # haven't realised it's gone yet. Shove 'em into # a dummy $home <VirtualHost web-1.ftech.net> ServerAdmin webmaster@Ftech.net ServerName "Legacy Web Upload Server" MaxLoginAttempts 2 RequireValidShell no MaxClients 50 DefaultRoot ~ !staff MaxClients 2 AllowOverwrite yes TransferLog /var/spool/syslog/proftpd/xferlog.web-1 </VirtualHost> # -------------------------------------------- # ftp.ftech.net # -------------------------------------------- <VirtualHost ftp.ftech.net> ServerAdmin ftpmaster@ftech.net ServerName "Frontier Internet Public FTP Server" TransferLog /ftp/xferlog/ftp.ftech.net MaxLoginAttempts 3 RequireValidShell no DefaultRoot /ftp/ftp.ftech.net AllowOverwrite yes # Auth files.... AuthUserFile /var/conf/ftp/authfiles/passwd.ftp.ftech.net AuthGroupFile /var/conf/ftp/authfiles/group.ftp.ftech.net # A basic anonymous configuration, no upload directories. <Anonymous /ftp/ftp.ftech.net> User ftp Group ftp # We want clients to be able to login with "anonymous" as well as "ftp" UserAlias anonymous ftp RequireValidShell no # Limit the maximum number of anonymous logins MaxClients 50 # We want 'welcome.msg' displayed at login, and '.message' displayed # in each newly chdired directory. <Directory pub/incoming> <Limit STOR> AllowAll </Limit> <Limit WRITE DIRS READ> DenyAll </Limit> <Limit CWD XCWD CDUP XCUP> AllowAll </Limit> </Directory> <Directory home> <Limit ALL> DenyAll </Limit> </Directory> # Limit access to the mirrors to LINX only <Directory mirrors> <Limit RETR> Order Allow,Deny Allow .uk, .ftech.net Allow .vom.tm DenyAll </Limit> </Directory> # Limit WRITE everywhere in the anonymous chroot <Limit WRITE> DenyAll </Limit> </Anonymous> </VirtualHost> # ---------------------------------------------------- # Virtual ftp with anon access, but no incoming # ---------------------------------------------------- <VirtualHost ftp.foo1.com> ServerAdmin ftpmaster@foo1.com ServerName "Foo1 FTP Server" TransferLog /var/spool/syslog/xfer/ftp.foo1.com MaxLoginAttempts 3 RequireValidShell no DefaultRoot /ftp/ftp.foo1.com User foo1 Group foo1 AllowOverwrite yes # Auth files.... AuthUserFile /var/conf/ftp//authfiles/passwd.ftp.foo1.com AuthGroupFile /var/conf/ftp//authfiles/group.ftp.foo1.com <Anonymous /ftp/ftp.foo1.com> User ftp Group ftp UserAlias anonymous ftp RequireValidShell no MaxClients 20 <Limit WRITE> DenyAll </Limit> </Anonymous> </VirtualHost> # ---------------------------------------------------- # ftp.foo2.com # Anon, no incoming, some private access areas # ---------------------------------------------------- <VirtualHost ftp.foo2.com> ServerAdmin ftpmaster@mcresearch.co.uk ServerName "MC Research FTP Server" TransferLog /var/spool/syslog/xfer/ftp.foo2.com MaxLoginAttempts 3 RequireValidShell no DefaultRoot /ftp/ftp.foo2.com User foo2 Group foo2 AllowOverwrite yes # Auth files.... AuthUserFile /var/conf/ftp//authfiles/passwd.ftp.foo2.com AuthGroupFile /var/conf/ftp//authfiles/group.ftp.foo2.com <Directory /ftp/ftp.foo2.com/pub> <Limit WRITE> AllowUser mcres DenyAll </Limit> </Directory> <Directory /ftp/ftp.foo2.com/download> <Limit ALL> AllowUser mcres AllowUser customer DenyAll </Limit> </Directory> <Anonymous /ftp/ftp.foo2.com> User ftp Group ftp UserAlias anonymous ftp RequireValidShell no MaxClients 20 <Limit WRITE> DenyAll </Limit> <Directory download> <Limit ALL> DenyAll </Limit> </Directory> </Anonymous> </VirtualHost> # ---------------------------------------------------- # ftp.foo3.com # ---------------------------------------------------- <VirtualHost ftp.foo3.com> ServerAdmin ftpmaster@farrukh.co.uk ServerName "Farrukh FTP Archive" TransferLog /var/spool/syslog/xfer/ftp.foo3.com MaxLoginAttempts 3 RequireValidShell no DefaultRoot /web/farrukh2/ftp_root User farrukh2 Group farrukh2 AllowOverwrite yes # Auth files.... AuthUserFile /var/conf/ftp//authfiles/passwd.ftp.foo3.com AuthGroupFile /var/conf/ftp//authfiles/group.ftp.foo3.com <Anonymous /web/farrukh2/ftp_root> User ftp Group ftp UserAlias anonymous ftp RequireValidShell no MaxClients 20 <Limit WRITE> DenyAll </Limit> <Directory pub/incoming/*> <Limit STOR> AllowAll </Limit> <Limit WRITE DIRS READ> DenyAll </Limit> <Limit CWD XCWD CDUP XCUP> AllowAll </Limit> </Directory> <Directory pub/Incoming/*> <Limit STOR> AllowAll </Limit> <Limit WRITE DIRS READ> DenyAll </Limit> <Limit CWD XCWD CDUP XCUP> AllowAll </Limit> </Directory> # block access to the secure areas by anon... <Directory fpub> <Limit ALL> DenyAll </Limit> </Directory> <Directory fgroup> <Limit ALL> DenyAll </Limit> </Directory> </Anonymous> # define user based access <Directory /web/farrukh2/ftp_root/fpub> <Limit ALL> AllowUser farrukh AllowUser fguest DenyAll </Limit> </Directory> <Directory /web/farrukh2/ftp_root/fgroup> <Limit ALL> AllowUser farrukh AllowUser fgroup DenyAll </Limit> </Directory> </VirtualHost> # ---------------------------------------------------- # ftp.foo4.com # anon, with incoming upload # ---------------------------------------------------- <VirtualHost ftp.foo4.com> ServerAdmin ftpmaster@teamwork.co.uk ServerName "Teamwork FTP Server" TransferLog /var/spool/syslog/xfer/ftp.foo4.com MaxLoginAttempts 3 RequireValidShell no DefaultRoot /ftp/ftp.foo4.com User foo4 Group foo4 AllowOverwrite yes # Auth files.... AuthUserFile /var/conf/ftp//authfiles/passwd.ftp.foo4.com AuthGroupFile /var/conf/ftp//authfiles/group.ftp.foo4.com <Anonymous /ftp/ftp.foo4.com> User ftp Group ftp UserAlias anonymous ftp RequireValidShell no MaxClients 20 <Limit WRITE> DenyAll </Limit> <Directory pub/incoming/*> <Limit STOR> AllowAll </Limit> <Limit WRITE DIRS READ> DenyAll </Limit> <Limit CWD XCWD CDUP XCUP> AllowAll </Limit> </Directory> <Directory pub/Incoming/*> <Limit STOR> AllowAll </Limit> <Limit WRITE DIRS READ> DenyAll </Limit> <Limit CWD XCWD CDUP XCUP> AllowAll </Limit> </Directory> </Anonymous> </VirtualHost> # ---------------------------------------------------- # The end.... # ----------------------------------------------------