ProFTPD grew out of the desire to have a secure and configurable FTP server, and out of a significant admiration of the Apache web server.
When the Project began, the most commonly used server was wu-ftpd. While wu-ftpd provides excellent performance and is generally a good product, it lacks numerous features found in newer Win32 FTP servers and has a poor security history. Many people, including the developers who work on ProFTPD, had spent a great deal of time fixing bugs and hacking features into wu-ftpd. Unfortunately, it quickly became clear that a complete redesign was necessary in order to implement the configurability and features desired.
In addition to wu-ftpd, there are a few of other FTP servers available which are designed to be light-weight and secure at the expense of configurability. For example, Troll FTP is an excellent FTP daemon which is considerably more secure and less resource-intensive than wu-ftpd. Unfortunately, while it is quite suitable for basic FTP services, it does not offer the feature set required for more sophisticated FTP sites.
ProFTPD is not a hack based on any other server, it's an independent source tree from the ground up. A number of well known and high traffic sites use ProFTPD.
- Single main configuration file, with directives and directive groups which are intuitive to any administrator who has ever used the Apache web server.
- Per directory ".ftpaccess" configuration similar to Apache's ".htaccess".
- Easy to configure multiple virtual FTP servers and anonymous FTP services.
- Designed to run either as a stand-alone server or from inetd/xinetd, depending on system load.
- Anonymous FTP root directories do not require any specific directory structure, system binaries or other system files.
- No SITE EXEC command. In modern Internet environments, such commands are a security nightmare.
- Source code is available (and must always be available) for administrators and developers to audit.
- Hidden directories and files, based on Unix-style permissions or user/group ownership.
- Runs as a configurable non-privileged user in stand-alone mode in order to decrease chances of attacks which might exploit its "root" abilities. Note: This feature is dependent on the capabilities of the host Unix system.
- Logging and utmp/wtmp support. Logging is compatible with the wu-ftpd standard, with extended logging available.
- Shadow password suite support, including support for expired accounts.
- Modular design, allowing server to be extended easily with modules. Modules have been written for SQL databases, LDAP servers, SSL/TLS encryption, RADIUS support, etc.
- IPv6 support.