Last modified: December 7, 2022

Overview

The FTP Server Configuration interface allows you to customize your chosen FTP servers behavior.

How to configure your ProFTPD server

To configure your ProFTPD server, perform the following steps:

1. From the TLS Encryption Support menu, select a setting for TLS encryption of FTP connections:
   • Optional  FTP users choose whether to use TLS encryption. This setting offers the best compatibility.
   • Required  Requires TLS encryption on commands that users issue to the FTP server and on data that comes through the FTP server. This setting protects all traffic from eavesdroppers.
2. In the TLS Options text box, enter NoSessionReuseRequired. This is the default setting. This setting softens the requirement to reuse the SSL session for data connections from the control connection.
3. In the TLS Cipher Suite text box, enter the list, in standard format, of the TLS ciphers that you wish your FTP server to use.
   • This setting defaults to HIGH:MEDIUM:+TLSv1:!SSLv2:+SSLv3.
   • Typically, you should only adjust this setting for PCI Compliance.
   • For more information about TLS ciphers, read OpenSSLs Cipher documentation.
4. In the TLS Protocol text box, enter the TLSProtocol directive that ProFTPD will use when it establishes SSL/TLS sessions.
   • This setting defaults to SSLv23. This setting allows the SSLv3 and TLSv1 protocols.
   • You should only adjust this setting for PCI Compliance.
5. From the Allow Anonymous Logins menu, select whether users can log in to your FTP server anonymously.
    

   Warning:

   We do not recommend that you enable anonymous FTP, because it dangerously compromises the security of your server.

    
6. In the Maximum Idle Time (seconds) text box, enter the number of seconds that an FTP connection may remain idle before the server disconnects it.
7. In the Maximum Number of FTP Processes text box, enter the maximum number of active processes the FTP server may create. Because each connection creates a process, this setting limits the total number of FTP connections.
    

   Note:

   To disable limits on the number of FTP processes, enter none.

    
8. From the Show Symlinks menu, select whether you want ProFTPD to display symbolic links (symlinks) as such, and not as files or directories. The default for this setting is Yes. For more information about symlinks, visit Wikipedias Symbolic link entry.
9. From the Symlink Compatibility menu, select whether you want to allow some FTP clients to display the correct symlinks to directories. The default for this setting is No. If you choose Yes, you must also enable the Show Symlinks setting.
10. From the TCP Wrappers menu, select whether you would like ProFTPD to use the TCP Wrappers package. With this package, you can configure the /etc/hosts.allow and /etc/hosts.deny files. For more information on how to edit these files, read our ProFTPD Configuration for Host Access Control documentation. The default for this setting is No.
     

    Important:

    • ProFTPD does not use TCP-Wrappers-based access controls on the following systems:
      • AlmaLinux OS 8
      • Rocky Linux 8
      • CloudLinux 8
    • Use the functionality available in WHMs Host Access Control interface for these operating systems.
    • The rest of ProFTPDs functionality still works on these operating systems.
11. Click Save.
    Note:

    • For more information about ProFTPD, visit the ProFTPD website.
    • To access ProFTPDs debug mode, run the following commands:

    1 2	/usr/local/cpanel/scripts/restartsrv_proftpd --stop /usr/sbin/proftpd -nd9

Configure your Pure-FTPd server

To configure your Pure-FTPd server, perform the following steps:

1. From the TLS Encryption Support menu, select a setting for TLS encryption of FTP connections:
   • Disabled  Disables TLS encryption.
   • Optional  FTP users choose whether to use TLS encryption. This setting offers the best compatibility.
   • Required (Command)  Requires TLS encryption on all commands users issue to the FTP server. This setting hides passwords and usernames.
   • Required (Command/Data)  Requires TLS encryption on commands that users issue to the FTP server and on data that comes through the FTP server. This setting protects all traffic from eavesdroppers.
2. In the TLS Cipher Suite text box, enter the list, in standard format, of the TLS ciphers you wish your FTP server to use.
   • This setting defaults to HIGH.
   • Typically, you should only adjust this setting for PCI compliance.
   • For more information about TLS ciphers, read OpenSSLs Cipher documentation.
3. From the Allow Anonymous Logins menu, select whether cPanel users can enable Anonymous FTP logins via cPanels Anonymous FTP interface (cPanel » Home » Files » Anonymous FTP).
   
   Warning:

   We do not recommend that you enable anonymous FTP, because it dangerously compromises the security of your server.

    
4. From the Allow Anonymous Uploads menu, select whether anonymous users can upload files to your FTP servers.
    

   Warning:

   We do not recommend that you enable anonymous FTP, because it dangerously compromises the security of your server.

    
5. Enter the maximum load for anonymous downloads in the Maximum Load for Anonymous Downloads text box. If the systems load average exceeds this setting, your FTP server will prevent downloads by anonymous users.
   
   Warning:

   We do not recommend that you enable anonymous FTP, because it dangerously compromises the security of your server.

    
6. In the Maximum Idle Time (minutes) text box, enter the number of minutes an FTP connection may remain idle before the server disconnects it.
7. Enter the maximum number of FTP connections in the Maximum Connections text box.
   
   Note:

   Your FTP server applies this limit server-wide and not on a per-user basis.

    
8. In the Maximum Connections Per IP Address text box, enter the maximum number of FTP connections to allow from a single IP address.
9. From the Allow Logins with Root Password menu, select whether to allow the root password to access all FTP accounts.
10. From the Broken Clients Compatibility menu, select whether your FTP server will ignore some protocol standards in order to improve compatibility with buggy FTP clients and firewalls.
     

    Note:

    If you select Yes, your FTP server will perform the following actions:

    • Create symbolic links (symlinks) as actual files and directories. For more information about symlinks, visit Wikipedias Symbolic link entry.
    • Prompt for a dummy password for an anonymous user.
    • Disable FTP passive mode.
      
      
11. Click Save.

For more information about Pure-FTPd, visit the Pure-FTPd website.