Note last time we talked about the basic installation of proftp, because we have the following about MySQL and quota settings, so compile the corresponding modules are compiled, if you do not need MySQL and disk quota function, you can not need to compile.
Here's a very practical command,
/usr/local/proftpd/sbin/ftpshut
This command is still more practical, because you may need to constantly adjust your server, and this command is very flexible, you can not stop the PROFTPD process, the premise of the time to stop the FTP connection, here will be detailed to say how it is used.
Ftpshut [-L min] [D-min] time [warning-message ...]
-L min: Attempts to establish a new FTP connection are not accepted within minutes of the FTP shutdown service
-D min: The FTP connection that has been established will be aborted within minutes of the FTP shutdown service
Time: After how long, the server will shut down the FTP service, in two different formats
+number is closed after number minutes.
MMHH today MM:HH server will shut down
Note, here we use this command is to stop the FTP service, but the actual PROFTPD process has not stopped, so the general debugging FTP will use this command.
Example:
After another 30 minutes, the FTP service will shut down, not to accept any new FTP connections for the first 20 minutes, the established forced disconnection for 10 minutes before the service is closed, and the client to display "FTP Server will shutdown in time"
Ftpshut-l 20-d +30 "FTP Server would shutdown at time"
In fact Ftpshut is to produce/etc/shutmsg, you just delete this file FTP can again service, or
Direct
Ftpshut-r
Well, start talking about the basic configuration of some proftpd, in fact, if you are familiar with the configuration of Apache, you will find that the PROFTPD settings are basically similar, its configuration basic format is
# Global Settings
Set Item 1 Parameter 1
Set Item 2 Parameter 2
# Settings for a directory
...
...
# about settings for anonymous users
...
...
...
...
We use more likely to be the use of limit, limit roughly have the following actions, basically can cover all the permissions, we are flexible to use it.
Directory Change Cmd:change Working directory
Mkd:make directory permissions to build directories
Rnfr:rename from changing directory name permissions
Dele:delete permission to delete files
Rmd:remove Directory permission to delete directory
Retr:retrieve permission to download from the server to the client
Stor:store permission to upload from client to server
READ: Readable permissions, excluding the permissions of the column directory, equivalent to Retr,stat, etc.
Write: Permissions for writing files or directories, including MKD and RMD
Dirs: Whether to allow the column directory, equivalent to List,nlst and other permissions, or more practical
All: All Permissions
Login: Permission to login is allowed
This applies to the limit of the above object, and includes the following range
Allowuser for a user-allowed limit
Denyuser for a user-prohibited limit
Allowgroup limit allowed for a user group
Denygroup a limit that is prohibited for a user group
Allowall allowed for all user groups limit
Denyall is prohibited for all users limit
The parameters for the throttling rate are:
Transferrate stor| RETR speed (kbytes/s) user consumer
Let's use an example to illustrate the configuration of proftp, so that you can make it easier to understand.
1. FTP Server support breakpoint continuation, and maximum support at the same time 10 people online, each IP only allow one connection;
2. Allow Ftpusers user groups to access only their own directories, but not to superiors or other directories;
3. When the user logs on to the server, the FTP server version information is not displayed to increase security;
4. Set up a Kaoyan FTP account, belonging to the Ftpusers group, Kaoyan users only allow downloads, no writable permissions. Download rate is limited to 50kbytes/s.
5. Establish a upload user, also belong to Ftpusers group, same as Kaoyan user's host directory, allow upload user to upload files and create directory permissions, but do not allow download, and do not allow permission to delete directories and files, upload rate control in the 100KBYTES/S
First early user and group additions and directory permissions settings
If you only want to access the Ftpusers group, you can set it to 770.
Set/usr/local/proftpd/etc/proftpd.conf
Note # indicates comments, no effect on settings, can not write
ServerName "Frank ' s FTP Server"
ServerType Standalone
Defaultserver on
Port 21
Umask 022
Maxinstances #最多有30个proftpd的PID
User Nobody
Group Nobody
Timeoutstalled 10
MaxClients #最多允许10个用户在线
Maxclientsperhost 1 "Sorry, one IP allows only one connection"
Allowstorerestart on
#允许断点续传 (upload), the breakpoint continued (download) is supported by default, do not set
Displaylogin welcome.msg #欢迎词文件
Serverident off #屏蔽服务器版本信息
Defaultroot ~ ftpusers #设置ftpusers组只能访问自己的目录
AllowOverwrite on
#不允许写
Denyuser Kaoyan
#不允许删除, renaming, downloading
Denyuser Upload
Transferrate RETR User Kaoyan
Transferrate STOR User Upload
The way I do it here is also done by
...
...
<>
...
...
And more flexible, specifically in that way, see everyone, I just give everyone into a door
Okay, that's it for today. Other configurations for proftp tomorrow.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
