#
# Virtual Hosting Server Configuration
# by M.Lowes <markl@ftech.net>
# for Frontier Internet Services Limited
# (http://www.ftech.net/)
ServerName "Master Webserver"
# Spawn from inetd?
#ServerType inetd
# or maybe a standalone server...
ServerType standalone
# don't give the server banner until _after_ authentication
DeferWelcome off
# Some basic defaults
Port 21
Umask 002
TimeoutLogin 120
TimeoutIdle 600
TimeoutNoTransfer 900
TimeoutStalled 3600
# No, I don't think we'll run as root!
User ftp
Group ftp
# This is a non-customer usable name, (i.e. they should be connecting via
# www.{domain}) not 'hostname'. Therefore let's dump them in a dummy account
# and wait for them to scream.
DefaultRoot /web/Legacy/
# Performance, let's do DNS resolution when we process the logs...
UseReverseDNS off
# Where do we put the pid files?
ScoreboardFile /var/run/proftpd.score
# Logging options
TransferLog /var/spool/syslog/proftpd/xferlog.legacy
# Some logging formats
LogFormat default "%h %l %u %t \"%r\" %s %b"
LogFormat auth "%v [%P] %h %t \"%r\" %s"
LogFormat write "%h %l %u %t \"%r\" %s %b"
# Global settings
<Global>
DisplayLogin welcome.msg
DisplayChdir readme
# having to delete before uploading is a pain ;)
AllowOverwrite yes
# Turn off Ident lookups
IdentLookups off
# Logging file/dir access
ExtendedLog /var/spool/syslog/proftpd/access.log WRITE,READ write
# Record all logins
ExtendedLog /var/spool/syslog/proftpd/auth.log AUTH auth
# Paranoia logging level....
#ExtendedLog /var/spool/syslog/proftpd/paranoid.log ALL default
</Global>
# Deny writing to the base server...
<Limit WRITE>
DenyAll
</Limit>
# --------------------------------------------
# Virtual Servers start here....
# --------------------------------------------
#
# www.ftech.net.
# This is the default server
# Gets all the connections for www.{customer.domain}, & www.ftech.net
<VirtualHost www.ftech.net>
ServerAdmin webmaster@Ftech.net
ServerName "Master Webserver"
MaxLoginAttempts 2
RequireValidShell no
TransferLog /var/spool/syslog/proftpd/xferlog.www
MaxClients 50
DefaultServer on
DefaultRoot ~ !staff
AllowOverwrite yes
# Not quickly do we kick someone out
TimeoutLogin 120
TimeoutIdle 600
TimeoutNoTransfer 900
# --------------------------------------------
# Got a Frontpage customer who keeps breaking things????
# - stick 'em in group fpage
# --------------------------------------------
<Directory ~/public_html>
# Block them from doing anything other than reading...
<Limit STOR RNFR DELE>
DenyGroup fpage
</Limit>
</Directory>
# ditto for ftp_root if it's there...
<Directory ~/ftp_root>
<Limit STOR RNFR DELE>
DenyAll
</Limit>
</Directory>
# Limit by IP...
<Directory /web/zsl>
<Limit ALL>
Order Allow,Deny
Allow 195.200.31.220
Allow 212.32.17.0/26
DenyAll
</Limit>
</Directory>
</VirtualHost>
# --------------------------------------------
# Legacy server, left in because some people
# haven't realised it's gone yet. Shove 'em into
# a dummy $home
<VirtualHost web-1.ftech.net>
ServerAdmin webmaster@Ftech.net
ServerName "Legacy Web Upload Server"
MaxLoginAttempts 2
RequireValidShell no
MaxClients 50
DefaultRoot ~ !staff
MaxClients 2
AllowOverwrite yes
TransferLog /var/spool/syslog/proftpd/xferlog.web-1
</VirtualHost>
# --------------------------------------------
# ftp.ftech.net
# --------------------------------------------
<VirtualHost ftp.ftech.net>
ServerAdmin ftpmaster@ftech.net
ServerName "Frontier Internet Public FTP Server"
TransferLog /ftp/xferlog/ftp.ftech.net
MaxLoginAttempts 3
RequireValidShell no
DefaultRoot /ftp/ftp.ftech.net
AllowOverwrite yes
# Auth files....
AuthUserFile /var/conf/ftp/authfiles/passwd.ftp.ftech.net
AuthGroupFile /var/conf/ftp/authfiles/group.ftp.ftech.net
# A basic anonymous configuration, no upload directories.
<Anonymous /ftp/ftp.ftech.net>
User ftp
Group ftp
# We want clients to be able to login with "anonymous" as well as "ftp"
UserAlias anonymous ftp
RequireValidShell no
# Limit the maximum number of anonymous logins
MaxClients 50
# We want 'welcome.msg' displayed at login, and '.message' displayed
# in each newly chdired directory.
<Directory pub/incoming>
<Limit STOR>
AllowAll
</Limit>
<Limit WRITE DIRS READ>
DenyAll
</Limit>
<Limit CWD XCWD CDUP XCUP>
AllowAll
</Limit>
</Directory>
<Directory home>
<Limit ALL>
DenyAll
</Limit>
</Directory>
# Limit access to the mirrors to LINX only
<Directory mirrors>
<Limit RETR>
Order Allow,Deny
Allow .uk, .ftech.net
Allow .vom.tm
DenyAll
</Limit>
</Directory>
# Limit WRITE everywhere in the anonymous chroot
<Limit WRITE>
DenyAll
</Limit>
</Anonymous>
</VirtualHost>
# ----------------------------------------------------
# Virtual ftp with anon access, but no incoming
# ----------------------------------------------------
<VirtualHost ftp.foo1.com>
ServerAdmin ftpmaster@foo1.com
ServerName "Foo1 FTP Server"
TransferLog /var/spool/syslog/xfer/ftp.foo1.com
MaxLoginAttempts 3
RequireValidShell no
DefaultRoot /ftp/ftp.foo1.com
User foo1
Group foo1
AllowOverwrite yes
# Auth files....
AuthUserFile /var/conf/ftp//authfiles/passwd.ftp.foo1.com
AuthGroupFile /var/conf/ftp//authfiles/group.ftp.foo1.com
<Anonymous /ftp/ftp.foo1.com>
User ftp
Group ftp
UserAlias anonymous ftp
RequireValidShell no
MaxClients 20
<Limit WRITE>
DenyAll
</Limit>
</Anonymous>
</VirtualHost>
# ----------------------------------------------------
# ftp.foo2.com
# Anon, no incoming, some private access areas
# ----------------------------------------------------
<VirtualHost ftp.foo2.com>
ServerAdmin ftpmaster@mcresearch.co.uk
ServerName "MC Research FTP Server"
TransferLog /var/spool/syslog/xfer/ftp.foo2.com
MaxLoginAttempts 3
RequireValidShell no
DefaultRoot /ftp/ftp.foo2.com
User foo2
Group foo2
AllowOverwrite yes
# Auth files....
AuthUserFile /var/conf/ftp//authfiles/passwd.ftp.foo2.com
AuthGroupFile /var/conf/ftp//authfiles/group.ftp.foo2.com
<Directory /ftp/ftp.foo2.com/pub>
<Limit WRITE>
AllowUser mcres
DenyAll
</Limit>
</Directory>
<Directory /ftp/ftp.foo2.com/download>
<Limit ALL>
AllowUser mcres
AllowUser customer
DenyAll
</Limit>
</Directory>
<Anonymous /ftp/ftp.foo2.com>
User ftp
Group ftp
UserAlias anonymous ftp
RequireValidShell no
MaxClients 20
<Limit WRITE>
DenyAll
</Limit>
<Directory download>
<Limit ALL>
DenyAll
</Limit>
</Directory>
</Anonymous>
</VirtualHost>
# ----------------------------------------------------
# ftp.foo3.com
# ----------------------------------------------------
<VirtualHost ftp.foo3.com>
ServerAdmin ftpmaster@farrukh.co.uk
ServerName "Farrukh FTP Archive"
TransferLog /var/spool/syslog/xfer/ftp.foo3.com
MaxLoginAttempts 3
RequireValidShell no
DefaultRoot /web/farrukh2/ftp_root
User farrukh2
Group farrukh2
AllowOverwrite yes
# Auth files....
AuthUserFile /var/conf/ftp//authfiles/passwd.ftp.foo3.com
AuthGroupFile /var/conf/ftp//authfiles/group.ftp.foo3.com
<Anonymous /web/farrukh2/ftp_root>
User ftp
Group ftp
UserAlias anonymous ftp
RequireValidShell no
MaxClients 20
<Limit WRITE>
DenyAll
</Limit>
<Directory pub/incoming/*>
<Limit STOR>
AllowAll
</Limit>
<Limit WRITE DIRS READ>
DenyAll
</Limit>
<Limit CWD XCWD CDUP XCUP>
AllowAll
</Limit>
</Directory>
<Directory pub/Incoming/*>
<Limit STOR>
AllowAll
</Limit>
<Limit WRITE DIRS READ>
DenyAll
</Limit>
<Limit CWD XCWD CDUP XCUP>
AllowAll
</Limit>
</Directory>
# block access to the secure areas by anon...
<Directory fpub>
<Limit ALL>
DenyAll
</Limit>
</Directory>
<Directory fgroup>
<Limit ALL>
DenyAll
</Limit>
</Directory>
</Anonymous>
# define user based access
<Directory /web/farrukh2/ftp_root/fpub>
<Limit ALL>
AllowUser farrukh
AllowUser fguest
DenyAll
</Limit>
</Directory>
<Directory /web/farrukh2/ftp_root/fgroup>
<Limit ALL>
AllowUser farrukh
AllowUser fgroup
DenyAll
</Limit>
</Directory>
</VirtualHost>
# ----------------------------------------------------
# ftp.foo4.com
# anon, with incoming upload
# ----------------------------------------------------
<VirtualHost ftp.foo4.com>
ServerAdmin ftpmaster@teamwork.co.uk
ServerName "Teamwork FTP Server"
TransferLog /var/spool/syslog/xfer/ftp.foo4.com
MaxLoginAttempts 3
RequireValidShell no
DefaultRoot /ftp/ftp.foo4.com
User foo4
Group foo4
AllowOverwrite yes
# Auth files....
AuthUserFile /var/conf/ftp//authfiles/passwd.ftp.foo4.com
AuthGroupFile /var/conf/ftp//authfiles/group.ftp.foo4.com
<Anonymous /ftp/ftp.foo4.com>
User ftp
Group ftp
UserAlias anonymous ftp
RequireValidShell no
MaxClients 20
<Limit WRITE>
DenyAll
</Limit>
<Directory pub/incoming/*>
<Limit STOR>
AllowAll
</Limit>
<Limit WRITE DIRS READ>
DenyAll
</Limit>
<Limit CWD XCWD CDUP XCUP>
AllowAll
</Limit>
</Directory>
<Directory pub/Incoming/*>
<Limit STOR>
AllowAll
</Limit>
<Limit WRITE DIRS READ>
DenyAll
</Limit>
<Limit CWD XCWD CDUP XCUP>
AllowAll
</Limit>
</Directory>
</Anonymous>
</VirtualHost>
# ----------------------------------------------------
# The end....
# ----------------------------------------------------
