This is an old revision of the document!
Very secure, but hard to configure for virtual users and chroot.
Here i have crack it down one day for my client.
anonymous_enable=NO local_enable=YES write_enable=NO anon_upload_enable=NO anon_mkdir_write_enable=NO anon_other_write_enable=NO pam_service_name=ftp chroot_local_user=YES guest_enable=NO guest_username=www listen=YES pasv_min_port=30000 pasv_max_port=30999 user_config_dir=/etc/vsftpd/vsftpd_user_conf userlist_enable=YES userlist_file=/etc/vsftpd/denied_users
auth required /lib/security/pam_userdb.so db=/etc/vsftpd/vsftpd_login account required /lib/security/pam_userdb.so db=/etc/vsftpd/vsftpd_login