# Disable Anonymous login

anonymous_enable=NO

# Controls whether local logins are permitted or not. If enabled, normal user accounts in /etc/passwd 
# (or wherever your PAM config references) may be used to log in. 
# This must be enable for any non-anonymous login to work, including virtual users.

local_enable=YES

# This controls whether any FTP commands which change the filesystem are allowed or not. (we override later)

write_enable=NO

# by default, virtual users are treated with anonymous (i.e. maximally restricted) privilege. (we override later)

anon_upload_enable=NO

# When enabled, anonymous users will only be allowed to download files which are world readable

anon_world_readable_only=NO

# If set to YES, anonymous users will be permitted to create new directories (we override later)

anon_mkdir_write_enable=NO

# operation other than upload, creation consider as other_write e.g.. overwrite ( we override later)
anon_other_write_enable=NO

# define custom pam service for our purpose.

pam_service_name=ftp

# chroot users !! yeah we need this

chroot_local_user=YES

# Guest enable will separate login from passwd - so you do not need system account to exists.
# need this for standalone authentication.

guest_enable=YES

# where you want to guest user to - generally apache user OR directory owner

guest_username=www

# This needed as listen has to be enable for ftp to work

listen=YES

# Passive port range specification

pasv_min_port=30000
pasv_max_port=30999

# Location where we override all above options where we need overriding.

user_config_dir=/etc/vsftpd/vsftpd_user_conf

# Need this to disable some users from system

userlist_enable=YES

# List of the users which is disabled

userlist_file=/etc/vsftpd/denied_users

# Maximum ftp client at any given moment of time

max_clients=100

# How many connection from single ip

max_per_ip=10