顶九网服务器搭建手册之AMPF环境搭建(10)

配置文件详解

 

pure-ftpd.conf

 

 

ChrootEveryone yes

chroot每一个用户,等同于Proftpd 中的DefaultRoot~ , 可以限制用户在某个地方活动,增强服务器的安全性。使用户不能通过cd命令进入上一级目录。

TrustedGID                                                                         50

#以上两者要一起用

 

 

BrokenClientsCompatibility                                                 no

 

 

MaxClientsNumber                                                         50

#最大链接数

 

 

Daemonize                                                                         yes

#Fork in background 以守护进程方式在后台运行

 

 

MaxClientsPerIP                                                                 5

#每个ip最多链接数,最好设小点。

 

 

VerboseLog                                                                         no

#是否要把所有client端的指令都log下来

 

 

DisplayDotFiles                                                                 no

#显示开头的文件

 

 

AnonymousOnly                                                                 no

#是否只让匿名登录

 

NoAnonymous                                                                 no

#不开放匿名登入

 

 

SyslogFacility                                                                 ftp

#应该是对日志做一下过滤 (auth, authpriv, daemon, ftp, security, user, local*)可以让日志只记录想要的信息

 

 

DontResolve                                                                         yes

#不反向解释客户端的ip

 

 

MaxIdleTime                                                                         5

#最大闲置時間

 

 

#LDAPConfigFile                                                                 /usr/local/pureftpd/etc/pureftpd-ldap.conf

#使用LDAP认证,

 

 

MySQLConfigFile                                                         /usr/local/pureftpd/etc/pureftpd-mysql.conf

#使用MySQL认证

 

 

#PGSQLConfigFile                                                         /usr/local/pureftpd/etc/pureftpd-pgsql.conf

#使用PGSQL认证

 

 

#PureDB                                                                         /ftp/etc/pureftpd.pdb

#使用者资料的DB存放地点 [由于我是用PureFTPD的內建DB.固有此选项]

 

 

#ExtAuth                                                                         /var/run/ftpd.sock

#pure-authd socket 路径 (详细请看 README.Authentication-Modules)

 

 

#PAMAuthentication                                                         yes

#开启PAM认证

 

 

#UnixAuthentication                                                         yes

#如果你想要有简单的Unix(/etc/passwd)的认证的話

 

FortunesFile                                                                         /usr/local/pureftpd/etc/.welcome

#显示的欢迎信息文件,你可以创建该文件,输入一些文字,然后你重启你的FTP服务,就会有意外的发现。

 

 

LimitRecursion                                                                 2000 8

#ls最多列出3000个文件.最深8层

 

AnonymousCanCreateDirs                                                 no

#匿名用户可以创建目录

 

 

MaxLoad 4

#当system load超过4時.使用者将不能再下载

 

 

PassivePortRange                                                                 30000 50000

#被动连接应答范围

 

 

ForcePassiveIP                                                                 192.168.0.1

#

 

 

AnonymousRatio                                                                 1 10

#Anonymous连接上传/下载比率

 

 

UserRatio                                                                         1 10

#用户上传/下载比率(注:如果使用ldap,mysql,pgsql,pam不要启用该功能,否则你在ldap等中设置的Ratio无校)

 

 

AntiWarez                                                                         no

#上传的文件不能被下载(owner is ftp).等到local admin确认

 

 

Bind                                                                                 127.0.0.1,8021

#要绑定和ip/port,在你的系统中有两个FTP Server这样你其中一个FTP就要使用其它端口。

#格式->; 127.0.0.1,21 如果只写port表All ip,port

 

 

 

AnonymousBandwidth                                                         8

#Anonymous 带宽,单位KB/s

 

 

UserBandwidth                                                                 8

#用户带宽,单位KB/s

 

 

Umask                                                                                 133:022

#上传文件的Umask.(<umask for files>;:<umask for dirs>; )

 

 

MinUID                                                                                 1000

# UID至少多少才能登录

 

 

AllowUserFXP                                                                 yes

#支不支持FXP

 

 

AllowAnonymousFXP                                                         no

#Anonymous支不支持FXP

 

 

ProhibitDotFilesWrite no

ProhibitDotFilesRead no

#(”.”)开头的文件能不能被读/写,UNIX Like下以点开头的文件是隐藏文件ls –a才能列出

#Pureftpd Quota模式下做产生” .ftpquota”文件。

 

 

AutoRename                                                                         no

#上传文件若有相同文件名自动改名(file.1,file.2…)

 

 

AnonymousCantUpload                                                 no

#匿名用户上传文件

 

 

TrustedIP                                                                         10.1.1.1

#锁IP.

 

 

LogPID

#Log文件添加PID

AltLog stats:/ftp/etc/log/pureftpd.log

#log存放地点,注日志有几种常用的格式

#clf 类似apache格式,stats UNIX log格式,w3c 标准W3C格式,可能是HTML格式

 

 

NoChmod                                                                         yes

#不给Chmod指令的权限

 

 

KeepAllFiles                                                                         no

#使用者可续传.但不可刪除文件

 

 

CreateHomeDir                                                                 yes

#如果user的home不存在自动建立(我把这个设为YES)

 

 

Quota                                                                                 1000:10

#Quota <文件数>;:<容量Megabytes >;,FTP限制10M空间,可以上传1000个文件(注:如果使用ldap,mysql,pgsql,pam不要启用该功能,否则你在ldap等中设置的Quota无校)

 

 

PIDFile /ftp/etc/log/pure-ftpd.pid

#记录pure-ftpd的PID文件

 

 

CallUploadScript                                                                 yes

#呼叫UploadScript

 

 

MaxDiskUsage                                                                 99

#当硬盘使用率到多少時将停止上传

 

 

NoRename                                                                         yes

#用户不能重命名文件名

 

CustomerProof                                                                 yes

PerUserLimits                                                                 3:20

#<每个账号最多可登入几次:Anonymous最多可同時登入几次>;

     

如果这文章对你有帮助,请扫左上角微信支付-支付宝,给于打赏,以助博客运营

发表评论

您的电子邮箱地址不会被公开。 必填项已用*标注