I'm running ISPConfig 2.2.10 on an Ubuntu system. User FTP logins work fine, but anonymous FTP fails with a 503 (incorrect login) error. I've poked through other threads here, but none of the fixes seem to work. Any additional suggestion for how to debug this problem? -- Richard
Proftpd.conf looks like this: # # /etc/proftpd.conf -- This is a basic ProFTPD configuration file. # To really apply changes reload proftpd after modifications. # ServerName Default ServerType standalone DeferWelcome off MultilineRFC2228 on DefaultServer on ShowSymlinks on TimeoutNoTransfer 600 TimeoutStalled 600 TimeoutIdle 1200 DisplayLogin welcome.msg DisplayFirstChdir .message ListOptions "-l" DenyFilter \*.*/ # Uncomment this if you are using NIS or LDAP to retrieve passwords: #PersistentPasswd off # Uncomment this if you would use TLS module: #TLSEngine on # Uncomment this if you would use quota module: #Quotas on # Uncomment this if you would use ratio module: #Ratios on # Port 21 is the standard FTP port. Port 21 # To prevent DoS attacks, set the maximum number of child processes # to 30. If you need to allow more than 30 concurrent connections # at once, simply increase this value. Note that this ONLY works # in standalone mode, in inetd mode you should use an inetd server # that allows you to limit maximum number of processes per service # (such as xinetd) MaxInstances 30 # Set the user and group that the server normally runs at. User nobody Group nogroup # Umask 022 is a good standard umask to prevent new files and dirs # (second parm) from being group and world writable. Umask 022 022 # Normally, we want files to be overwriteable. AllowOverwrite on # Delay engine reduces impact of the so-called Timing Attack described in # http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02 # It is on by default. #DelayEngine off # A basic anonymous configuration, no upload directories. # <Anonymous ~ftp> # User ftp # Group nogroup # # We want clients to be able to login with "anonymous" as well as "ftp" # UserAlias anonymous ftp # # Cosmetic changes, all files belongs to ftp user # DirFakeUser on ftp # DirFakeGroup on ftp # # RequireValidShell off # # # Limit the maximum number of anonymous logins # MaxClients 10 # # # We want 'welcome.msg' displayed at login, and '.message' displayed # # in each newly chdired directory. # DisplayLogin welcome.msg # DisplayFirstChdir .message # # # Limit WRITE everywhere in the anonymous chroot # <Directory *> # <Limit WRITE> # DenyAll # </Limit> # </Directory> # # # Uncomment this if you're brave. # # <Directory incoming> # # # Umask 022 is a good standard umask to prevent new files and dirs # # # (second parm) from being group and world writable. # # Umask 022 022 # # <Limit READ WRITE> # # DenyAll # # </Limit> # # <Limit STOR> # # AllowAll # # </Limit> # # </Directory> # # </Anonymous> <Global> AccessGrantMsg "Welcome to the Greaves Group FTP Site" RootLogin on RequireValidShell off UseFtpUsers on DefaultRoot ~ IdentLookups off ServerIdent on "FTP Server ready." AuthAliasOnly off WtmpLog on </Global> TimesGMT off <Anonymous /var/ftp> </Anonymous> RequireValidShell off UseFtpUsers on RootLogin on Include /etc/proftpd_ispconfig.conf *************************************************** proftpd_ispconfig.conf looks like this: ################################### # # ISPConfig proftpd Configuration File # Version 1.0 # ################################### DefaultAddress 127.0.0.1 <VirtualHost 64.142.97.114> DefaultRoot ~ AllowOverwrite on Umask 002 </VirtualHost> <VirtualHost 64.142.97.115> DefaultRoot ~ AllowOverwrite on Umask 002 <Anonymous /home/www/web9/ftp> User web9_anonftp Group web9_anonftp UserAlias anonymous web9_anonftp UserAlias guest web9_anonftp MaxClients 10 <Directory *> <Limit WRITE> DenyAll </Limit> </Directory> <Directory /home/www/web9/ftp/incoming> Umask 002 <Limit STOR> AllowAll </Limit> <Limit READ> DenyAll </Limit> </Directory> </Anonymous> </VirtualHost> <VirtualHost 64.142.97.116> DefaultRoot ~ AllowOverwrite on Umask 002 <Anonymous /home/www/web2/ftp> User web2_anonftp Group web2_anonftp UserAlias anonymous web2_anonftp UserAlias guest web2_anonftp MaxClients 10 <Directory *> <Limit WRITE> DenyAll </Limit> </Directory> <Directory /home/www/web2/ftp/incoming> Umask 002 <Limit STOR> AllowAll </Limit> <Limit READ> DenyAll </Limit> </Directory> </Anonymous> </VirtualHost> <VirtualHost 64.142.97.117> DefaultRoot ~ AllowOverwrite on Umask 002 <Anonymous /home/www/web5/ftp> User web5_anonftp Group web5_anonftp UserAlias anonymous web5_anonftp UserAlias guest web5_anonftp MaxClients 10 <Directory *> <Limit WRITE> DenyAll </Limit> </Directory> <Directory /home/www/web5/ftp/incoming> Umask 002 <Limit STOR> AllowAll </Limit> <Limit READ> DenyAll </Limit> </Directory> </Anonymous> </VirtualHost> <VirtualHost 64.142.97.118> DefaultRoot ~ AllowOverwrite on Umask 002 <Anonymous /home/www/web8/ftp> User web8_anonftp Group web8_anonftp UserAlias anonymous web8_anonftp UserAlias guest web8_anonftp MaxClients 10 <Directory *> <Limit WRITE> DenyAll </Limit> </Directory> <Directory /home/www/web8/ftp/incoming> Umask 002 <Limit STOR> AllowAll </Limit> <Limit READ> DenyAll </Limit> </Directory> </Anonymous> </VirtualHost> <VirtualHost 64.142.97.119> DefaultRoot ~ AllowOverwrite on Umask 002 <Anonymous /home/www/web10/ftp> User web10_anonftp Group web10_anonftp UserAlias anonymous web10_anonftp UserAlias guest web10_anonftp MaxClients 10 <Directory *> <Limit WRITE> DenyAll </Limit> </Directory> <Directory /home/www/web10/ftp/incoming> Umask 002 <Limit STOR> AllowAll </Limit> <Limit READ> DenyAll </Limit> </Directory> </Anonymous> </VirtualHost> <VirtualHost 64.142.97.120> DefaultRoot ~ AllowOverwrite on Umask 002 </VirtualHost> <VirtualHost 64.142.97.121> DefaultRoot ~ AllowOverwrite on Umask 002 </VirtualHost> <VirtualHost 64.142.97.122> DefaultRoot ~ AllowOverwrite on Umask 002 </VirtualHost> <VirtualHost 64.142.97.123> DefaultRoot ~ AllowOverwrite on Umask 002 </VirtualHost> <VirtualHost 64.142.97.124> DefaultRoot ~ AllowOverwrite on Umask 002 </VirtualHost> <VirtualHost 64.142.97.125> DefaultRoot ~ AllowOverwrite on Umask 002 </VirtualHost> <VirtualHost 64.142.97.126> DefaultRoot ~ AllowOverwrite on Umask 002 </VirtualHost>
...and checking the Anonymous FTP box on the web10 site adds the following to ispconfig.log 07.03.2007 - 15:42:55 => INFO - USER: web10_austinhq:x:10028:10010:Austin HQ Distribution List:/home/www/web10/user/web10_austinhq:/dev/null 07.03.2007 - 15:42:55 => INFO - /root/ispconfig/scripts/lib/classes/ispconfig_postfix.lib.php, Line 137: cp -fr /etc/postfix/local-host-names /etc/postfix/local-host-names~ 07.03.2007 - 15:42:56 => INFO - /root/ispconfig/scripts/lib/classes/ispconfig_postfix.lib.php, Line 284: cp -fr /etc/postfix/virtusertable /etc/postfix/virtusertable~ 07.03.2007 - 15:42:56 => INFO - /root/ispconfig/scripts/lib/classes/ispconfig_postfix.lib.php, Line 289: postmap hash:/etc/postfix/virtusertable 07.03.2007 - 15:42:56 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1230: cp -fr /etc/apache2/vhosts/Vhosts_ispconfig.conf /etc/apache2/vhosts/Vhosts_ispconfig.conf~ 07.03.2007 - 15:42:56 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1891: cp -fr /etc/proftpd_ispconfig.conf /etc/proftpd_ispconfig.conf~ 07.03.2007 - 15:42:56 => WARN - /root/ispconfig/scripts/lib/config.lib.php, Line 1926: WARNING: could not groupadd -g 12009 web9_anonftp &> /dev/null 07.03.2007 - 15:42:56 => WARN - /root/ispconfig/scripts/lib/config.lib.php, Line 1927: WARNING: could not useradd -d /home/www/web9/ftp -g web9_anonftp -m -s /bin/false -u 12009 web9_anonftp &> /dev/null 07.03.2007 - 15:42:56 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1937: setquota -u web9_anonftp 0 0 0 0 -a &> /dev/null 07.03.2007 - 15:42:56 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1938: setquota -T -u web9_anonftp 604800 604800 -a &> /dev/null 07.03.2007 - 15:42:56 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1939: setquota -g web9_anonftp 0 0 0 0 -a &> /dev/null 07.03.2007 - 15:42:56 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1940: setquota -T -g web9_anonftp 604800 604800 -a &> /dev/null 07.03.2007 - 15:42:56 => WARN - /root/ispconfig/scripts/lib/config.lib.php, Line 1926: WARNING: could not groupadd -g 12002 web2_anonftp &> /dev/null 07.03.2007 - 15:42:56 => WARN - /root/ispconfig/scripts/lib/config.lib.php, Line 1927: WARNING: could not useradd -d /home/www/web2/ftp -g web2_anonftp -m -s /bin/false -u 12002 web2_anonftp &> /dev/null 07.03.2007 - 15:42:56 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1937: setquota -u web2_anonftp 0 0 0 0 -a &> /dev/null 07.03.2007 - 15:42:56 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1938: setquota -T -u web2_anonftp 604800 604800 -a &> /dev/null 07.03.2007 - 15:42:56 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1939: setquota -g web2_anonftp 0 0 0 0 -a &> /dev/null 07.03.2007 - 15:42:56 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1940: setquota -T -g web2_anonftp 604800 604800 -a &> /dev/null 07.03.2007 - 15:42:57 => WARN - /root/ispconfig/scripts/lib/config.lib.php, Line 1926: WARNING: could not groupadd -g 12005 web5_anonftp &> /dev/null 07.03.2007 - 15:42:57 => WARN - /root/ispconfig/scripts/lib/config.lib.php, Line 1927: WARNING: could not useradd -d /home/www/web5/ftp -g web5_anonftp -m -s /bin/false -u 12005 web5_anonftp &> /dev/null 07.03.2007 - 15:42:57 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1937: setquota -u web5_anonftp 0 0 0 0 -a &> /dev/null 07.03.2007 - 15:42:57 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1938: setquota -T -u web5_anonftp 604800 604800 -a &> /dev/null 07.03.2007 - 15:42:57 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1939: setquota -g web5_anonftp 0 0 0 0 -a &> /dev/null 07.03.2007 - 15:42:57 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1940: setquota -T -g web5_anonftp 604800 604800 -a &> /dev/null 07.03.2007 - 15:42:57 => WARN - /root/ispconfig/scripts/lib/config.lib.php, Line 1926: WARNING: could not groupadd -g 12008 web8_anonftp &> /dev/null 07.03.2007 - 15:42:57 => WARN - /root/ispconfig/scripts/lib/config.lib.php, Line 1927: WARNING: could not useradd -d /home/www/web8/ftp -g web8_anonftp -m -s /bin/false -u 12008 web8_anonftp &> /dev/null 07.03.2007 - 15:42:57 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1937: setquota -u web8_anonftp 0 0 0 0 -a &> /dev/null 07.03.2007 - 15:42:57 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1938: setquota -T -u web8_anonftp 604800 604800 -a &> /dev/null 07.03.2007 - 15:42:57 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1939: setquota -g web8_anonftp 0 0 0 0 -a &> /dev/null 07.03.2007 - 15:42:57 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1940: setquota -T -g web8_anonftp 604800 604800 -a &> /dev/null 07.03.2007 - 15:42:57 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1926: groupadd -g 12010 web10_anonftp &> /dev/null 07.03.2007 - 15:42:57 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1927: useradd -d /home/www/web10/ftp -g web10_anonftp -m -s /bin/false -u 12010 web10_anonftp &> /dev/null 07.03.2007 - 15:42:57 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1937: setquota -u web10_anonftp 0 0 0 0 -a &> /dev/null 07.03.2007 - 15:42:57 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1938: setquota -T -u web10_anonftp 604800 604800 -a &> /dev/null 07.03.2007 - 15:42:57 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1939: setquota -g web10_anonftp 0 0 0 0 -a &> /dev/null 07.03.2007 - 15:42:57 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1940: setquota -T -g web10_anonftp 604800 604800 -a &> /dev/null 07.03.2007 - 15:42:59 => INFO - /root/ispconfig/scripts/lib/classes/ispconfig_system.lib.php, Line 706: /etc/init.d/proftpd restart &> /dev/null
Hmmm... lots of stuff, but the relevant lines seem to be: in group: users:x:100:web8_twg,web8_brenda,web8_chris,web8_melissa,web8_partners,web8_info,web8_roger,web8_admin,web8_chris2,web2_twg,web2_n6mod,web2_jhayes,web10_barry,web10_sharla,web10_brenda,web10_melissa,web10_ed,web10_michele,web10_janeadmispconfig:x:1001:admispconfig web1:x:10001:admispconfig web1_anonftp:x:12001: web2:x:10002:admispconfig,web2_ram web2_anonftp:x:12002: web4:x:10004:admispconfig web4_anonftp:x:12004: web5:x:10005:admispconfig,web5_dreamweaver web5_anonftp:x:12005: web8:x:10008:admispconfig,web8_ram web8_anonftp:x:12008:admispconfig,web8_anonftp web9:x:10009:admispconfig,ram,web9_admin web9_anonftp:x:12009: web10:x:10010:admispconfig,web10_admin web12:x:10012:admispconfig web13:x:10013:admispconfig,web13_admin freerad:x:115: ssl-cert:x:116ostgres web10_anonftp:x:12010: ...........................................and in passwd: admispconfig:x:1001:1001:Administrator ISPConfig:/home/admispconfig:/bin/bash web1_anonftp:x:12001:12001::/home/www/web1/ftp:/bin/false web2_anonftp:x:12002:12002::/home/www/web2/ftp:/bin/false web4_anonftp:x:12004:12004::/home/www/web4/ftp:/bin/false web5_anonftp:x:12005:12005::/home/www/web5/ftp:/bin/false web8_anonftp:x:12008:12008::/home/www/web8/ftp:/bin/false web9_anonftp:x:12009:12009::/home/www/web9/ftp:/bin/false web5_dreamweaver:x:10004:10005:Bug Track:/home/www/web5:/bin/bash web13_admin:x:10027:10013:Richard:/home/www/web13:/bin/false freerad:x:109:115::/etc/freeradius:/bin/false web9_admin:x:10029:10009:Administrator:/home/www/web9:/bin/bash web8_ram:x:10009:10008:Richard A. Milewski:/home/www/web8:/bin/bash web8_twg:x:10010:10008:Thomas W. Greaves:/home/www/web8/user/web8_twg:/bin/false web8_brenda:x:10014:10008:Brenda Raker:/home/www/web8/user/web8_brenda:/bin/false web8_chris:x:10015:10008:Christine Whelan:/home/www/web8/user/web8_chris:/bin/false web8_melissa:x:10016:10008:Melissa Mccullough:/home/www/web8/user/web8_melissa:/bin/false web8_partners:x:10017:10008artners:/home/www/web8/user/web8_partners:/bin/false web8_info:x:10018:10008:Catchall Accounts:/home/www/web8/user/web8_info:/bin/false web8_roger:x:10019:10008:Roger Samdahl:/home/www/web8/user/web8_roger:/bin/false web8_admin:x:10020:10008:NOC Accounts:/home/www/web8/user/web8_admin:/bin/bash web8_chris2:x:10026:10008:Chris Whelan:/home/www/web8/user/web8_chris2:/bin/false web2_twg:x:10012:10002:Thomas W. Greaves:/home/www/web2/user/web2_twg:/bin/false web2_ram:x:10008:10002:Richard A. Milewski:/home/www/web2:/bin/bash web2_n6mod:x:10007:10002:Aleksandr:/home/www/web2/user/web2_n6mod:/bin/bash web2_jhayes:x:10013:10002:Jeanne Hayes:/home/www/web2/user/web2_jhayes:/bin/false web10_admin:x:10022:10010:Administrator:/home/www/web10:/bin/bash web10_barry:x:10023:10010:Barry Berman:/home/www/web10/user/web10_barry:/bin/false web10_sharla:x:10025:10010:Sharla Woodrow:/home/www/web10/user/web10_sharla:/bin/false web10_brenda:x:10031:10010:Brenda Raker:/home/www/web10/user/web10_brenda:/bin/false web10_melissa:x:10032:10010:Melissa McCullough:/home/www/web10/user/web10_melissa:/bin/false web10_ed:x:10033:10010:Ed Cranston:/home/www/web10/user/web10_ed:/bin/false web10_michele:x:10034:10010:Michele Drake:/home/www/web10/user/web10_michele:/bin/false web10_jane:x:10035:10010:Jane Stahler:/home/www/web10/user/web10_jane:/bin/false web10_tom:x:10021:10010:Tom Fitzgerald:/home/www/web10/user/web10_tom:/dev/null web10_david:x:10024:10010avid Walling:/home/www/web10/user/web10_david:/dev/null web10_austinhq:x:10028:10010:Austin HQ Distribution List:/home/www/web10/user/web10_austinhq:/dev/null web10_anonftp:x:12010:12010::/home/www/web10/ftp:/bin/false ....is there something in particular I should look for? -- RAM
I wanted to see if all anonymous FTP users and groups are existing - they are, so that's not the problem...
I hate to bring a thread back from the dead but I've been reading through these threads that have anonymous ftp access problems and I don't see a fix for it. I also am having this same problem, getting: From SmartFTP: [11:21:55] 220 FTP Server ready. [11:21:55] USER anonymous [11:21:55] 331 Password required for anonymous. [11:21:55] PASS (hidden) [11:21:55] 530 Login incorrect. [11:21:55] Active Help: http://www.smartftp.com/support/kb/index.php/51 [11:21:55] Cannot login waiting to retry (30s)... [11:26:55] 421 No Transfer Timeout (300 seconds): closing control connection. [11:26:55] Server closed connection From /var/log/messages: Apr 13 11:20:42 proftpd[11346]: localhost.localdomain :ffff:68.149.237.71[::ffff:68.149.237.71]) - no such user 'anonymous' Code: # This is the ProFTPD configuration file # $Id: proftpd.conf,v 1.1 2004/02/26 17:54:30 thias Exp $ ServerName "ProFTPD server" ServerIdent on "FTP Server ready." ServerAdmin root@localhost ServerType standalone #ServerType inetd DefaultServer on AccessGrantMsg "User %u logged in." #DisplayConnect /etc/ftpissue #DisplayLogin /etc/ftpmotd #DisplayGoAway /etc/ftpgoaway DeferWelcome off # Use this to excude users from the chroot DefaultRoot ~ !adm # Use pam to authenticate (default) and be authoritative AuthPAMConfig proftpd AuthOrder mod_auth_pam.c* mod_auth_unix.c # Do not perform ident nor DNS lookups (hangs when the port is filtered) IdentLookups off UseReverseDNS off # Port 21 is the standard FTP port. Port 21 # Umask 022 is a good standard umask to prevent new dirs and files # from being group and world writable. Umask 022 # Default to show dot files in directory listings ListOptions "-a" # See Configuration.html for these (here are the default values) #MultilineRFC2228 off #RootLogin off #LoginPasswordPrompt on #MaxLoginAttempts 3 #MaxClientsPerHost none #AllowForeignAddress off # For FXP # Allow to resume not only the downloads but the uploads too AllowRetrieveRestart on AllowStoreRestart on # To prevent DoS attacks, set the maximum number of child processes # to 30. If you need to allow more than 30 concurrent connections # at once, simply increase this value. Note that this ONLY works # in standalone mode, in inetd mode you should use an inetd server # that allows you to limit maximum number of processes per service # (such as xinetd) MaxInstances 20 # Set the user and group that the server normally runs at. User nobody Group nobody # Disable sendfile by default since it breaks displaying the download speeds in # ftptop and ftpwho UseSendfile no # This is where we want to put the pid file ScoreboardFile /var/run/proftpd.score # Normally, we want users to do a few things. <Global> AllowOverwrite yes <Limit ALL SITE_CHMOD> AllowAll </Limit> </Global> # Define the log formats LogFormat default "%h %l %u %t \"%r\" %s %b" LogFormat auth "%v [%P] %h %t \"%r\" %s" # TLS # Explained at http://www.castaglia.org/proftpd/modules/mod_tls.html #TLSEngine on #TLSRequired on #TLSRSACertificateFile /etc/pki/tls/certs/proftpd.pem #TLSRSACertificateKeyFile /etc/pki/tls/certs/proftpd.pem #TLSCipherSuite ALL:!ADH:!DES #TLSOptions NoCertRequest #TLSVerifyClient off ##TLSRenegotiate ctrl 3600 data 512000 required off timeout 300 #TLSLog /var/log/proftpd/tls.log # SQL authentication Dynamic Shared Object (DSO) loading # See README.DSO and howto/DSO.html for more details. #<IfModule mod_dso.c> # LoadModule mod_sql.c # LoadModule mod_sql_mysql.c # LoadModule mod_sql_postgres.c #</IfModule> # A basic anonymous configuration, with an upload directory. #<Anonymous ~ftp> # User ftp # Group ftp # AccessGrantMsg "Anonymous login ok, restrictions apply." # # # We want clients to be able to login with "anonymous" as well as "ftp" # UserAlias anonymous ftp # # # Limit the maximum number of anonymous logins # MaxClients 10 "Sorry, max %m users -- try again later" # # # Put the user into /pub right after login # #DefaultChdir /pub # # # We want 'welcome.msg' displayed at login, '.message' displayed in # # each newly chdired directory and tell users to read README* files. # DisplayLogin /welcome.msg # DisplayFirstChdir .message # DisplayReadme README* # # # Some more cosmetic and not vital stuff # DirFakeUser on ftp # DirFakeGroup on ftp # # # Limit WRITE everywhere in the anonymous chroot # <Limit WRITE SITE_CHMOD> # DenyAll # </Limit> # # # An upload directory that allows storing files but not retrieving # # or creating directories. # <Directory uploads/*> # AllowOverwrite no # <Limit READ> # DenyAll # </Limit> # # <Limit STOR> # AllowAll # </Limit> # </Directory> # # # Don't write anonymous accesses to the system wtmp file (good idea!) # WtmpLog off # # # Logging for the anonymous transfers # ExtendedLog /var/log/proftpd/access.log WRITE,READ default # ExtendedLog /var/log/proftpd/auth.log AUTH auth # #</Anonymous> # Restrict the range of ports from which the server will select when sent the # PASV command from a client. Use IANA-registered ephemeral port range of # 49152-65534 PassivePorts 49152 65534 DefaultRoot ~ Include /etc/proftpd_ispconfig.conf Here is the /etc/proftpd_ispconfig.conf file: Code: ################################### # # ISPConfig proftpd Configuration File # Version 1.0 # ################################### DefaultAddress 127.0.0.1 <VirtualHost 10.10.10.20> DefaultRoot ~ AllowOverwrite on Umask 002 <Anonymous /var/www/web11/ftp> User web11_anonftp Group web11_anonftp UserAlias anonymous web11_anonftp UserAlias guest web11_anonftp MaxClients 10 <Directory *> <Limit WRITE> DenyAll </Limit> </Directory> <Directory /var/www/web11/ftp/incoming> Umask 002 <Limit STOR> AllowAll </Limit> <Limit READ> DenyAll </Limit> </Directory> </Anonymous> </VirtualHost> Here is the ispconfig.log file: Code: 13.04.2007 - 11:12:53 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1923: groupadd -g 12011 web11_anonftp &> /dev/null 13.04.2007 - 11:12:54 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1924: useradd -d /var/www/web11/ftp -g web11_anonftp -m -s /bin/false -u 12011 web11_anonftp &> /d ev/null 13.04.2007 - 11:12:54 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1934: setquota -u web11_anonftp 512000 513024 0 0 -a &> /dev/null 13.04.2007 - 11:12:54 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1935: setquota -T -u web11_anonftp 604800 604800 -a &> /dev/null 13.04.2007 - 11:12:54 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1936: setquota -g web11_anonftp 512000 513024 0 0 -a &> /dev/null 13.04.2007 - 11:12:54 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1937: setquota -T -g web11_anonftp 604800 604800 -a &> /dev/null Everything looks like it should work but I have no clue why it's not working. I can FTP with a user in ISPConfig and SmartFTP no problem, it's just the anonymous ftp user that has the problems. Thanks!
I'm not sure where that error comes from because the user anonymous is mapped to web11_anonftp in /etc/proftpd_ispconfig.conf: Code: UserAlias anonymous web11_anonftp Does web11_anonftp exist in /etc/passwd?
Yup, that user is in the passwd file: web11_anonftp:x:12011:12011::/var/www/web11/ftp:/bin/false I've tried the method of removing the anonymous ftp from the site, waiting a few minutes then putting it back on. Doesn't have any errors (had to do the -M -> -m fix though).
What fix do you mean? I've just checked on my system, and I also don't have an anonymous user, but it's working on my system. This is my /etc/proftpd.conf (I've left out the comments): Code: ServerName "Debian" ServerType standalone DeferWelcome off ShowSymlinks on MultilineRFC2228 on DefaultServer on ShowSymlinks on AllowOverwrite on TimeoutNoTransfer 600 TimeoutStalled 600 TimeoutIdle 1200 DisplayLogin welcome.msg DisplayFirstChdir .message LsDefaultOptions "-l" DenyFilter \*.*/ Port 21 MaxInstances 30 User nobody Group nogroup DefaultRoot ~ IdentLookups off ServerIdent on "FTP Server ready." <Directory /*> Umask 022 022 AllowOverwrite on </Directory> Include /etc/proftpd_ispconfig.conf
I was reading through the forums to find a fix for this problem and some people had an issue with ISPConfig unable to make the web*_anonftp. The problem was an -M tag in the command. I can't remember where I saw it on here but someone had a fix and the -M should be -m . Once I did that the system was able to create the anon user but I still have the error. I'll check through the proftpd.conf file when I get to work and see if I have any weird errors in it.
