PROFTPD restrict the configuration of anonymous users

Typically, anonymous users are allowed to log on to the FTP server and use relatively secure, and more generally, they want anonymous users to read only the files in a directory. For example, you want anonymous users to be able to read only files in the/home/ftp directory. Configuration of corresponding PROFTPD

# Omit other configuration
# limit other files or directories in the home directory to remove all permissions to change the directory
<Directory/home/*>
        <limit all>
            denyall
        </Limit>

        <limit cwd>
            allowall
        </Limit>
</Directory>
# allow view/home/ FTP directories and directories under Files and allow downloads
<Directory/home/ftp>
        <limit list NLST read>
            allowall
        </limit >
</Directory>

Pay attention to three points [1]

The above configuration order can not be easily replaced, PROFTPD read <Directory> configuration items, there is a sequential problem, the following matching configuration will overwrite the previous matching configuration

<Directory> configuration in the absence of wildcard meaning is more special, if there is no wildcard, to the directory and directory of the files are working, if no wildcard, only the files in the directory to work

Anonymous user login will also correspond to a system account, under normal circumstances is an FTP account. For example, FTP account,/home/ftp directory needs to have read access to the FTP account, otherwise anonymous users can not download/home/ftp directory files, burst without permission error

Reference Links:
[1]http://www.proftpd.org/docs/howto/directory.html