# Accepting anonymous users
Anonymous_enable = YES
# Do not ask for a password when an anonymous user logs in
No_anon_password = YES
# Anonymous User home directory
Anon_root = (none)
# Accept local users
Local_enable = YES
# Local User home directory
Local_root = (none)
# If an anonymous user requires a password, the user using the email address in banned_email_file cannot log on.
Deny_email_enable = YES
# It is only useful when no pam verification version is available. check whether the user has a valid shell to log on
Check_shell = YES
# If this option is enabled, the userlist_deny option is started.
Userlist_enable = YES
# If YES, users in userlist_file cannot log on. If NO, only users in userlist_file can log on.
Userlist_deny = NO
# If it is enabled with chroot_local_user, the user-locked directory comes from the directory specified by each user in/etc/passwd (this is not very clear. which one is familiar with this)
Passwd_chroot_enable = NO
# Define the username for anonymous login. The default value is ftp.
Ftp_username = FTP
################# User permission control ###############
# Upload allowed (global control ).
Write_enable = YES
# Umask for local user to upload files
Local_umask = 022
# Use umask to upload files
# File_open_mode = 0666
# Uploading by anonymous users
Anon_upload_enable = NO
# Directories can be created by anonymous users
Anon_mkdir_write_enable = NO
Other Write permissions of anonymous users (change permissions ?)
Anon_other_write_enable = NO
If set to YES, anonymous logon users are allowed to download readable files. The default value is YES.
Anon_world_readable_only = YES
# If enabled, all non-anonymous login usernames will be switched to the user name specified by guest_username
# Guest_enable = NO
The owner of all files uploaded anonymously will be changed to chown_username.
Chown_uploads = YES
Username of the file to be uploaded anonymously
Chown_username = lightwiter
# If this function is enabled, users listed in chroot_list_file cannot change the root directory.
Chroot_list_enable = YES
# The \ "async ABOR \" command is allowed. Generally, this command is not used and is prone to problems.
Async_abor_enable = YES
Controls whether ASCII upload is available. The default value is NO.
Ascii_upload_enable = YES
# Control whether ASCII mode is available for download. The default value is NO.
Ascii_download_enable = YES
# This option must specify an empty folder and no logon user can write data. when vsftpd does not require file system permission, the user is restricted to this data folder. The default value is/usr/share/empty.
Secure_chroot_dir =/usr/share/empty
################### Timeout settings ##################
# Idle connection timeout
Idle_session_timeout = 600
# Data transmission timeout
Data _ connection_timeout = 120
# P *** S Request Timeout
ACCEPT_TIMEOUT = 60
# PROT mode connection timeout
Connect_timeout = 60
############### Server function options ###############
# Enable the diary function
Xferlog_enable = YES
# Use standard format
Xferlog_std_format = YES
# When xferlog_std_format is disabled and this option is enabled, all ftp requests and replies are recorded. this option is useful for debugging.
# Log_ftp_protocol = NO
# Pasv mode
Pasv_enable = YES
# Disable the security check. be careful.
# Pasv_promiscuous + NO
# Allow port mode
# Port_enable = YES
# Disable security check
# Prot_promiscuous
# Enable tcp_wrappers support
Tcp_wrappers = YES
# Define the name used by PAM. the default value is vsftpd.
Pam_service_name = vsftpd
# Username used when the server runs at the bottom layer
Nopriv_user = nobody
# Enable vsftpd to jump to the specified IP address when replying to the pasv command ?)
Pasv_address = (none)
################# Server performance options ##############
# Can I use the ls-R command to avoid wasting a large amount of server resources?
# Ls_recurse_enable = YES
# Whether to use the single-process mode
# One_process_model
# Bind to the port specified by listen_port. since all ports are bound, that is, all ports are open at a time, which is the standalone mode?
Listen = YES
# When a user logs in and uses commands such as ls-al to query the management right of the file, the owner's UID is displayed by default, instead of the owner's name. If you want the owner name to appear, enable this function.
Text_userdb_names = NO
# The local time or GMT time is used to display the directory list. the same effect can be achieved through the mdtm command.
Use_localtime = NO
# Test platform optimization
# Use_sendfile = YES
################ Information class settings ################
# The welcome information is displayed in login. if banner_file is set, this setting is invalid.
Ftpd_banner = Welcome to Hunan sanchen Fake-Ta FTP website.
# Allows the display of directory configuration information to display the content of the message_file file under each directory
Dirmessage_enable = YES
# Display Session status information, off!
# Setproctitle_enable = YES
############# File definition ##################
# Define a file that cannot change the user's main directory
Chroot_list_file =/etc/vsftpd. chroot_list
# Defining restrictions/files that allow users to log on
Userlist_file =/etc/vsftpd. user_list
# Define the location of the logon information file
Banner_file =/etc/vsftpd/banner
# The email address used as the password when an anonymous user is not allowed to log on
Banned_email_file =/etc/vsftpd. banned_emails
# Log file location
Xferlog_file =/var/log/vsftpd. log
# Directory information file
Message_file =. message
############# Directory definition #################
# Define the Directory of the user configuration file
User_config_dir =/etc/vsftpd/userconf
# Define the root directory for local user login. Note that the root directory can be relative or absolute. the relative path is for the user's home directory.
Local_root = webdisk # set the root directory of each user to/home/username/webdisk after login.
# Root directory after anonymous login
Anon_root =/var/ftp
############ User connection options #################
# Maximum number of acceptable clients
Max_clients = 100
# Maximum number of clients for each ip address
Max_per_ip = 5
# Use standard port 20 to connect to ftp
Connect_from_port_20 = YES
# Bound to an IP address, which cannot be accessed by other IP addresses
Listen_address = 192.168.0.2
# Bind to a port
# Listen_port = 2121
# Data transmission Port
# Ftp_data_ports = 2020
# The upper bound of the port range can be used in pasv connection mode. 0 indicates any port range. The default value is 0.
Pasv_max_port = 0
# When using pasv connection mode, you can use the lower bound of the port range. 0 indicates any value. The default value is 0.
Pasv_min_port = 0
############# Data transmission options #################
# Transfer ratio of anonymous users (B/s)
Anon_max_rate = 51200
# Local user transmission rate (B/s)
Local_max_rate = 5120000
########################################
If you want to control each user separately, you only need to create a username file in user_config_dir and set the appropriate personal options for data transmission and user rights, user-defined files are also suitable for virtual users supported by pam.
Appendix: Significance of FTP digital code
110 restart and mark the response.
120 how long is the service ready.
125 data link port is enabled and ready for transmission.
150 The file status is normal and the data connection port is enabled.
200 The command is successfully executed.
202 command execution failed.
211 system status or system help response.
212 directory status.
The status of the 213 file.
214 help message.
215 name system type.
220 new online service ready.
221 The service's control port is closed and can be canceled.
225 data link is enabled, but there is no transmission action.
226 close the data connection port and the requested file operation is successful.
227 enters the passive mode.
230 user login.
250 The requested file operation is complete.
257 display the current path name.
331 the user name is correct and the password is required.
332 account information is required for logon.
350 the requested operation requires a command.
421 unable to provide services. disable the control link.
425 the data link cannot be enabled.
426 disable online and terminate transmission.
450 the requested operation was not executed.
451 command termination: there is a local error.
452 unexecuted command: the disk space is insufficient.
500 the format is incorrect and the command cannot be identified.
501 parameter syntax error.
502Command execution failed.
503 command order error.
504 the parameters connected to the command are incorrect.
530 not logged in.
532 account login is required to store files.
550 the requested operation is not performed.
551 the request command is terminated and the type is unknown.
552 the requested file is terminated and the storage space overflows.
553 the name of the requested command is incorrect.
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
