setup/start/proftpd.conf

# Includes DSO modules
Include /etc/proftpd/modules.conf

# Set off to disable IPv6 support which is annoying on IPv4 only boxes.
UseIPv6				off
# If set on you can experience a longer connection delay in many cases.
IdentLookups			off

ServerName			Cloudron
ServerType			standalone
DeferWelcome			off

MultilineRFC2228		on
DefaultServer			on
ShowSymlinks			on

TimeoutNoTransfer		600
TimeoutStalled			600
TimeoutIdle			1200

DisplayLogin                    welcome.msg
DisplayChdir               	.message true
ListOptions                	"-l"

DenyFilter			\*.*/

# Use this to jail all users in their homes, will be homeDirectory LDAP attribute
DefaultRoot			~

# Users require a valid shell listed in /etc/shells to login.
# Use this directive to release that constrain.
# RequireValidShell		off

# Port 21 is the standard FTP port.
Port				0

# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances			10

# Set the user and group that the server normally runs at.
User				www-data
Group				www-data

# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask				022  022
# Normally, we want files to be overwriteable.
AllowOverwrite			on

TransferLog /run/proftpd/xferlog
SystemLog   /run/proftpd/proftpd.log

# disable ssh login log
WtmpLog off

<IfModule mod_quotatab.c>
    QuotaEngine off
</IfModule>

<IfModule mod_ratio.c>
    Ratios off
</IfModule>

# Delay engine reduces impact of the so-called Timing Attack described in
# http://www.securityfocus.com/bid/11430/discuss
# It is on by default.
<IfModule mod_delay.c>
    DelayEngine on
</IfModule>

<IfModule mod_ctrls.c>
    ControlsEngine        off
    ControlsMaxClients    2
    ControlsLog           /var/log/proftpd/controls.log
    ControlsInterval      5
    ControlsSocket        /var/run/proftpd/proftpd.sock
</IfModule>

<IfModule mod_ctrls_admin.c>
    AdminControlsEngine off
</IfModule>

LoadModule mod_ldap.c
<IfModule mod_ldap.c>
    # https://forums.proftpd.org/smf/index.php?topic=6368.0
    LDAPServer "ldap://localhost:3002/??sub"
    LDAPUsers "ou=proftpd,dc=cloudron" (username=%u)

    LDAPLog /var/log/proftpd/ldap.log
</IfModule>

<IfModule mod_sftp.c>
    SFTPEngine on
    Port 222
    SFTPLog /var/log/proftpd/sftp.log

    # Configure both the RSA and DSA host keys, using the same host key
    # files that OpenSSH uses.
    SFTPHostKey /etc/ssh/ssh_host_rsa_key

    SFTPAuthMethods password

    # Enable compression
    SFTPCompression delayed

    RequireValidShell off
</IfModule>

<Directory />
    HideNoAccess yes
</Directory>
Add proftpd as service 2019-03-18 19:02:32 -07:00			`# Includes DSO modules`
			`Include /etc/proftpd/modules.conf`

			`# Set off to disable IPv6 support which is annoying on IPv4 only boxes.`
			`UseIPv6 off`
			`# If set on you can experience a longer connection delay in many cases.`
			`IdentLookups off`

Make initial sftp connection work 2019-03-18 21:15:50 -07:00			`ServerName Cloudron`
Add proftpd as service 2019-03-18 19:02:32 -07:00			`ServerType standalone`
			`DeferWelcome off`

			`MultilineRFC2228 on`
			`DefaultServer on`
			`ShowSymlinks on`

			`TimeoutNoTransfer 600`
			`TimeoutStalled 600`
			`TimeoutIdle 1200`

			`DisplayLogin welcome.msg`
			`DisplayChdir .message true`
			`ListOptions "-l"`

			`DenyFilter \./`

Make initial sftp connection work 2019-03-18 21:15:50 -07:00			`# Use this to jail all users in their homes, will be homeDirectory LDAP attribute`
			`DefaultRoot ~`
Add proftpd as service 2019-03-18 19:02:32 -07:00
			`# Users require a valid shell listed in /etc/shells to login.`
			`# Use this directive to release that constrain.`
			`# RequireValidShell off`

			`# Port 21 is the standard FTP port.`
			`Port 0`

			`# To prevent DoS attacks, set the maximum number of child processes`
			`# to 30. If you need to allow more than 30 concurrent connections`
			`# at once, simply increase this value. Note that this ONLY works`
			`# in standalone mode, in inetd mode you should use an inetd server`
			`# that allows you to limit maximum number of processes per service`
			`# (such as xinetd)`
			`MaxInstances 10`

			`# Set the user and group that the server normally runs at.`
			`User www-data`
			`Group www-data`

			`# Umask 022 is a good standard umask to prevent new files and dirs`
			`# (second parm) from being group and world writable.`
			`Umask 022 022`
			`# Normally, we want files to be overwriteable.`
			`AllowOverwrite on`

			`TransferLog /run/proftpd/xferlog`
			`SystemLog /run/proftpd/proftpd.log`

			`# disable ssh login log`
			`WtmpLog off`

			`<IfModule mod_quotatab.c>`
Make initial sftp connection work 2019-03-18 21:15:50 -07:00			`QuotaEngine off`
Add proftpd as service 2019-03-18 19:02:32 -07:00			`</IfModule>`

			`<IfModule mod_ratio.c>`
Make initial sftp connection work 2019-03-18 21:15:50 -07:00			`Ratios off`
Add proftpd as service 2019-03-18 19:02:32 -07:00			`</IfModule>`

			`# Delay engine reduces impact of the so-called Timing Attack described in`
			`# http://www.securityfocus.com/bid/11430/discuss`
			`# It is on by default.`
			`<IfModule mod_delay.c>`
Make initial sftp connection work 2019-03-18 21:15:50 -07:00			`DelayEngine on`
Add proftpd as service 2019-03-18 19:02:32 -07:00			`</IfModule>`

			`<IfModule mod_ctrls.c>`
Make initial sftp connection work 2019-03-18 21:15:50 -07:00			`ControlsEngine off`
			`ControlsMaxClients 2`
			`ControlsLog /var/log/proftpd/controls.log`
			`ControlsInterval 5`
			`ControlsSocket /var/run/proftpd/proftpd.sock`
Add proftpd as service 2019-03-18 19:02:32 -07:00			`</IfModule>`

			`<IfModule mod_ctrls_admin.c>`
			`AdminControlsEngine off`
			`</IfModule>`

			`LoadModule mod_ldap.c`
			`<IfModule mod_ldap.c>`
Make initial sftp connection work 2019-03-18 21:15:50 -07:00			`# https://forums.proftpd.org/smf/index.php?topic=6368.0`
Make proftpd conf static 2019-03-19 11:51:00 -07:00			`LDAPServer "ldap://localhost:3002/??sub"`
			`LDAPUsers "ou=proftpd,dc=cloudron" (username=%u)`
Make initial sftp connection work 2019-03-18 21:15:50 -07:00
			`LDAPLog /var/log/proftpd/ldap.log`
Add proftpd as service 2019-03-18 19:02:32 -07:00			`</IfModule>`

			`<IfModule mod_sftp.c>`
Make initial sftp connection work 2019-03-18 21:15:50 -07:00			`SFTPEngine on`
Make proftpd conf static 2019-03-19 11:51:00 -07:00			`Port 222`
Make initial sftp connection work 2019-03-18 21:15:50 -07:00			`SFTPLog /var/log/proftpd/sftp.log`
Add proftpd as service 2019-03-18 19:02:32 -07:00
Make initial sftp connection work 2019-03-18 21:15:50 -07:00			`# Configure both the RSA and DSA host keys, using the same host key`
			`# files that OpenSSH uses.`
			`SFTPHostKey /etc/ssh/ssh_host_rsa_key`
Add proftpd as service 2019-03-18 19:02:32 -07:00
Make initial sftp connection work 2019-03-18 21:15:50 -07:00			`SFTPAuthMethods password`
Add proftpd as service 2019-03-18 19:02:32 -07:00
Make initial sftp connection work 2019-03-18 21:15:50 -07:00			`# Enable compression`
			`SFTPCompression delayed`
Add proftpd as service 2019-03-18 19:02:32 -07:00
Make initial sftp connection work 2019-03-18 21:15:50 -07:00			`RequireValidShell off`
Add proftpd as service 2019-03-18 19:02:32 -07:00			`</IfModule>`

			`<Directory />`
Make initial sftp connection work 2019-03-18 21:15:50 -07:00			`HideNoAccess yes`
Add proftpd as service 2019-03-18 19:02:32 -07:00			`</Directory>`