FTP Server Configuration

For WHM version 11.40

(Home >> Service Configuration >> FTP Server Configuration)

Overview

The FTP Server Configuration interface allows you to tailor your FTP server's behavior to your preferences. The options you see in this interface change based on the setting you chose in the FTP Server Selection interface.

How to configure your ProFTPd server

To configure your ProFTPd server:

  1. Select a setting for TLS encryption of FTP connections from the TLS Encryption Support menu:
    • OptionalFTP users choose whether to use TLS encryption. This setting offers the best compatibility.
    • Required (Command) — Requires TLS encryption on all commands users issue to the FTP server. This setting hides passwords and usernames.
    • Required (Command/Data) — Requires TLS encryption on commands users issue to the FTP server and on data that comes through the FTP server. This setting protects all traffic from eavesdroppers.
  2. Enter the list, in standard format, of the TLS ciphers you wish your FTP server to use in the TLS Cipher Suite field.
    • HIGH:MEDIUM:+TLSv1:!SSLv2:+SSLv3 is the default setting.
    • Typically, you should only adjust this setting for PCI compliance.
    • For more information about TLS ciphers, read OpenSSL's Cipher documentation.
  3. Select whether users can log in to your FTP server anonymously from the Allow Anonymous Logins menu.
    note Note: When you install your FTP server, anonymous FTP defaults to disabled. We do not recommend that you enable anonymous logins because they seriously compromise the security of your server.
  4. Enter the number of seconds an FTP connection may remain idle before the server disconnects it in the Maximum Idle Time (seconds) field.
  5. Enter the maximum number of active processes the FTP server may create in the Maximum Number of FTP Processes field. Since each connection creates a process, this setting limits the total number of FTP connections.
    note Note: To disable limits on the number of FTP processes, enter none.
  6. Click Save.

For more information about ProFTPd, visit the ProFTPd website.

How to configure your Pure-FTPd server

To configure your Pure-FTPd server:

  1. Select a setting for TLS encryption of FTP connections from the TLS Encryption Support menu:
    • Disabled — Disables TLS encryption.
    • OptionalFTP users choose whether to use TLS encryption. This setting offers the best compatibility.
    • Required (Command) — Requires TLS encryption on all commands users issue to the FTP server. This setting hides passwords and usernames.
    • Required (Command/Data) — Requires TLS encryption on commands users issue to the FTP server and on data that comes through the FTP server. This setting protects all traffic from eavesdroppers.
  2. Enter the list, in standard format, of the TLS ciphers you wish your FTP server to use in the TLS Cipher Suite field.
    • HIGH:MEDIUM:+TLSv1:!SSLv2:+SSLv3 is the default setting.
    • Typically, you should only adjust this setting for PCI compliance.
    • For more information about TLS ciphers, read OpenSSL's Cipher documentation.
  3. Select whether users can log in to your FTP server anonymously from the Allow Anonymous Logins menu.
    note Note: When you install your FTP server, anonymous FTP defaults to disabled. We do not recommend that you enable anonymous logins, since they seriously compromise the security of your server.
  4. Select whether anonymous users can upload files to your FTP servers from the Allow Anonymous Uploads menu.
    PICK Remember: We do not recommend that you enable anonymous FTP, since it seriously compromises the security of your server.
  5. Enter the maximum load for anonymous downloads in the Maximum Load for Anonymous Downloads field. If the system's load average exceeds this setting, your FTP server will prevent downloads by anonymous users.
    PICK Remember: We do not recommend that you enable anonymous FTP, since it seriously compromises the security of your server.
  6. Enter the number of seconds an FTP connection may remain idle before the server disconnects it in the Maximum Idle Time (seconds) field.
  7. Enter the maximum number of FTP connections in the Maximum Connections field.
    PICK Remember: Your FTP server applies this limit server-wide and not on a per-user basis.
  8. Enter the maximum number of FTP connections to accept from a single IP address in the Maximum Connections Per IP Address field.
  9. Select whether to allow use of the root password to access all FTP accounts from the Allow Logins with Root Password menu.
  10. Select whether your FTP server will ignore some protocol standards to improve compatibility with buggy FTP clients and firewalls from the Broken Clients Compatibility menu.
  11. Click Save.

For more information about Pure-FTPd, visit the PureFTPd website.

Additional documentation

Topic revision: r11 - 19 Sep 2013 - 16:54:05 - Main.SarahHaney