ProFTP File Restrictions
With Pro FTP, you can quickly add conditions to an FTP account. There can very a variety of reasons why you would want to limit FTP to certain files types. For example, let’s say you hired a web designer from overseas to work on a project.
Without placing file restrictions, he could potentially transfer PHP, Perl or Python files which could snoop around your system or reveal sensitive data. Or, he could create an ‘.htaccess’ file and do all sorts of undesirable stuff like allow .txt files to be interpreted as php.
With shell access, you can easily restrict the files that can be transfered with ‘PathDenyFilter’. The example below will demonstrate its usage. First of all, the line starting with ”PathDenyFilter’ is added to the file /etc/proftpd.cond. After that, the ftp services is restarted. If you attempt to transfer a file like .htacccess, or one with an extension like ‘.pl’ or ‘.php’ you will fail.
<VirtualHost 126.96.36.1999> ServerName ftp.example.com AuthUserFile /etc/proftpd/example MaxClients 3 "Sorry, this ftp server has reached its maximum user count (%m). Please try again later" DirFakeGroup On ftpgroup DirFakeUser On ftpuser DefaultRoot ~ PathDenyFilter "(\\.ftpaccess|\\.htaccess|\.(pl|php))$"