How to Install and Configure ProFTPD on Ubuntu 14.04 Server

By | June 6, 2016

ProFTPD (short for Pro FTP daemon) is an FTP server. ProFTPD is Free and open-source software, compatible with Unix-like systems and Microsoft Windows (via Cygwin). Along with vsftpd and Pure-FTPd, ProFTPD is among the most popular FTP servers in Unix-like environments today.

This article assumes you have at least basic knowledge of linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple. I will show you through the step by step installation ProFTPD in ubuntu 14.04 server.

Install ProFTPD on Ubuntu 14.04

Step 1. First make sure that all your system packages are up-to-date by running these following apt-get commands in the terminal.

root@gs01:~# sudo apt-get update -y && sudo apt-get upgrade -y

Step 2. Install ProFTPD and all required packages.

root@gs01:~# sudo apt-get install proftpd

During the installation, you’ll be prompted to choose the installation method that you prefer. There are two installation methods, inetd  and the standalone.  For this installation I selected “Standalone” method, and then OK to finish the installation.

Step 3. Configure ProFTPD

Let’s edit the configuration file for ProFTPD:

root@gs01:~# vi /etc/proftpd/proftpd.conf

Change the ServerName to the hostname of your server. In the case below, is an example:

ServerName “your.servername.whatever”

To limit users to their home directory uncomment the line that says DefaultRoot:

# Use this to jail all users in their homes
DefaultRoot ~

Exit and save the file with the command :wq .

Create FTP User

Step 4. Add an FTP User.

Before you create a user for Proftpd, please add /bin/false to your /etc/shells file:

 root@gs01:~# echo “/bin/false” >> /etc/shells

Create a user with a home directory where he will get access to by FTP. I will disable shell access for this user by assigning the “/bin/false” shell to him to ensure that he can not login by SSH. My username is named “ftp-user”, please replace ftp-user with your username in the next command:

root@gs01:~# adduser --home /home/ftp-user --shell /bin/false ftp-user

Step 5. Granting write permissions.

NB: Make sure that you grant write permissions to ftp-user User and ftp-user group, and remember to replace ftp-user with your username in the next command:

root@gs01:~#chown -R ftp-user:ftp-user /home/ftp-user 

And if you don’t grant write permissions to your ftp-user you will definitely encounter the following errors:

After installing proftpd on my ubuntu 14.04 server. I encountered the following technical issues.
tatus: Connection established, waiting for welcome message...
Status: Insecure server, it does not support FTP over TLS.
Status: Connected
Status: Retrieving directory listing...This is happening when using ftp client FileZilla.

Some of the errors I encountered:

Status: Connection attempt failed with "ECONNREFUSED - Connection refused by server".
Error: Could not connect to server

Then set the ProFTPD service to start at boot:

root@gs01:~#update-rc.d proftpd defaults

Step 6. Implementing Iptables Rule.

Iptables is used to set up, maintain, and inspect the tables of IP packet filter rules in the Linux kernel.

root@gs01:~#iptables -A INPUT -p tcp -m tcp --dport 21 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
root@gs01:~#iptables -A INPUT -p udp -m udp --dport 21 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
root@gs01:~#iptables -A INPUT -p tcp -m tcp --dport 49152:65534 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
root@gs01:~#iptables -A INPUT -p udp -m udp --dport 49152:65534 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
root@gs01:~#iptables -A OUTPUT -p tcp -m tcp --dport 21 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
root@gs01:~#iptables -A OUTPUT -p udp -m udp --dport 21 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
root@gs01:~#iptables -A OUTPUT -p tcp -m tcp --dport 49152:65534 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
root@gs01:~#iptables -A OUTPUT -p udp -m udp --dport 49152:65534 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
root@gs01:~#iptables -A INPUT -j DROP

Save Firewall Rules

To save firewall rules under ubuntu 14.04 server, enter:

root@gs01:~#service iptables-persistent save

Restart the ProFTPD service:

root@gs01:~#service proftpd stop && service proftpd start

Step 7. Access the FTP server.

Once you have installed the FTP server successfully, Now all you have to do is open an FTP client like FileZilla and connect to the server using its IP address, hostname or domain name. If  everything is configure correctly, you should be granted access to the server with the correct username and password.

Leave a Reply

Your email address will not be published. Required fields are marked *