FTP User cannot log-in Proftpd


After upgrading to Virtualmin 4.02 gpl, FTP user cannot log-in to Proftpd. I’m using the server administration user to log-in and it looks like the user exists but password is always denied (says wrong password). How do I fix this?

# This is the ProFTPD configuration file # $Id: proftpd.conf,v 1.1 2004/02/26 17:54:30 thias Exp $

ServerName “ProFTPD server”
ServerIdent on “FTP Server ready.”
ServerAdmin root@localhost
ServerType standalone
#ServerType inetd
DefaultServer on
AccessGrantMsg “User %u logged in.”
#DisplayConnect /etc/ftpissue
#DisplayLogin /etc/ftpmotd
#DisplayGoAway /etc/ftpgoaway
DeferWelcome off

Use this to excude users from the chroot

DefaultRoot ~ !adm

Use pam to authenticate (default) and be authoritative

AuthPAMConfig proftpd
AuthOrder mod_auth_pam.c* mod_auth_unix.c

Do not perform ident nor DNS lookups (hangs when the port is filtered)

IdentLookups off
UseReverseDNS off

Port 21 is the standard FTP port.

Port 21

Umask 022 is a good standard umask to prevent new dirs and files

from being group and world writable.

Umask 022

Default to show dot files in directory listings

ListOptions “-a”

See Configuration.html for these (here are the default values)

#MultilineRFC2228 off
#RootLogin off
#LoginPasswordPrompt on
#MaxLoginAttempts 3
#MaxClientsPerHost none
#AllowForeignAddress off # For FXP

Allow to resume not only the downloads but the uploads too

AllowRetrieveRestart on
AllowStoreRestart on

To prevent DoS attacks, set the maximum number of child processes

to 30. If you need to allow more than 30 concurrent connections

at once, simply increase this value. Note that this ONLY works

in standalone mode, in inetd mode you should use an inetd server

that allows you to limit maximum number of processes per service

(such as xinetd)

MaxInstances 20

Set the user and group that the server normally runs at.

User nobody
Group nobody

Disable sendfile by default since it breaks displaying the download speeds in

ftptop and ftpwho

UseSendfile no

This is where we want to put the pid file

ScoreboardFile /var/run/proftpd.score

Normally, we want users to do a few things.

AllowOverwrite yes AllowAll RootLogin on

Define the log formats

LogFormat default “%h %l %u %t “%r” %s %b”
LogFormat auth “%v [%P] %h %t “%r” %s”


Explained at http://www.castaglia.org/proftpd/modules/mod_tls.html

#TLSEngine on
#TLSRequired on
#TLSRSACertificateFile /etc/pki/tls/certs/proftpd.pem
#TLSRSACertificateKeyFile /etc/pki/tls/certs/proftpd.pem
#TLSCipherSuite ALL:!ADH:!DES
#TLSOptions NoCertRequest
#TLSVerifyClient off
##TLSRenegotiate ctrl 3600 data 512000 required off timeout 300
#TLSLog /var/log/proftpd/tls.log

SQL authentication Dynamic Shared Object (DSO) loading

See README.DSO and howto/DSO.html for more details.


LoadModule mod_sql.c

LoadModule mod_sql_mysql.c

LoadModule mod_sql_postgres.c


A basic anonymous configuration, with an upload directory.

#<Anonymous ~ftp>

User ftp

Group ftp

AccessGrantMsg “Anonymous login ok, restrictions apply.”

# We want clients to be able to login with “anonymous” as well as “ftp”

UserAlias anonymous ftp

# Limit the maximum number of anonymous logins

MaxClients 10 “Sorry, max %m users – try again later”

# Put the user into /pub right after login

#DefaultChdir /pub

# We want ‘welcome.msg’ displayed at login, ‘.message’ displayed in

# each newly chdired directory and tell users to read README* files.

DisplayLogin /welcome.msg

DisplayFirstChdir .message

DisplayReadme README*

# Some more cosmetic and not vital stuff

DirFakeUser on ftp

DirFakeGroup on ftp

# Limit WRITE everywhere in the anonymous chroot


# An upload directory that allows storing files but not retrieving

# or creating directories.

<Directory uploads/*>

AllowOverwrite no



# Don’t write anonymous accesses to the system wtmp file (good idea!)

WtmpLog off

# Logging for the anonymous transfers

ExtendedLog /var/log/proftpd/access.log WRITE,READ default

ExtendedLog /var/log/proftpd/auth.log AUTH auth


Maybe try changing “TLSRequired on” to “TLSRequired off”

Maybe try commenting out the “DefaultRoot ~ !adm” line

(also, you have both “RootLogin off” and “RootLogin on”, might want to find a default proftpd.conf file and try it)

These Debian 7.1 conf files (below) work for me.


Include /etc/proftpd/modules.conf
UseIPv6 off
ServerName “example.com
ServerType standalone
DeferWelcome off
MultilineRFC2228 on
DefaultServer on
ShowSymlinks on
TimeoutNoTransfer 600
TimeoutStalled 600
TimeoutIdle 1200
DisplayLogin welcome.msg
DisplayChdir .message true
ListOptions “-l”
DenyFilter *.*/
Port 21
PassivePorts 35000 35999
MaxInstances 30
User proftpd
Group nogroup
Umask 022 022
AllowOverwrite on
TransferLog /var/log/proftpd/xferlog
SystemLog /var/log/proftpd/proftpd.log

QuotaEngine off

Ratios off

DelayEngine on

ControlsEngine off
ControlsMaxClients 2
ControlsLog /var/log/proftpd/controls.log
ControlsInterval 5
ControlsSocket /var/run/proftpd/proftpd.sock

AdminControlsEngine off

Include /etc/proftpd/tls.conf

DefaultRoot ~
RootLogin off
IdentLookups off
ServerIdent on “FTP Server ready.”
UseFtpUsers on
RequireValidShell on

Include /etc/proftpd/conf.d/


TLSEngine on
TLSLog /var/log/proftpd/tls.log
TLSProtocol SSLv3 TLSv1
TLSRSACertificateFile /etc/proftpd/ftpd-rsa.pem
TLSRSACertificateKeyFile /etc/proftpd/ftpd-rsa-key.pem
TLSCACertificateFile /etc/ssl/certs/ca-certificates.crt
TLSVerifyClient off
TLSRenegotiate required off
#TLSRequired on
TLSOptions AllowClientRenegotiations NoCertRequest NoSessionReuseRequired


I suspect you’re using CentOS, with a third party repository enabled… ProFTPd from some third party repositories is known to cause the problems you’re seeing.

That issue, and the fix, is described in the section of the following document titled “Why does PHP / ProFTPd no longer work after performing updates? (I’m using CentOS, and enabled third party repositories)”:


Hi Andrey,

That’s fixed it. Thank you!

Another strange thing, I can’t seem to get Virtual server to run as mod_php (there is no mod_php option under Website Option) what do i have to do to see this option or get virtual server to run as mod_php?

I’m on CentOS 6 and Apache version 2.2.15.

Are you by chance using a third party PHP version as well? :slight_smile:

It’s possible that’s related, though there’s a few different things that could cause that.

What output do you see if you run this command:

rpm -qa | grep php5

I ran the command and it outputs nothing :frowning:

I’m not very good with Linux so I’m not sure what I did when I need something done, usually I just googled what i need and follows the instructions. If I’m running third party PHP, does that mean I need to remove PHP and install it again? will that cos problems with the sites?

Nuts, I think the command I gave you was slightly incorrect… try this one:

rpm -qa | grep php