Sometimes you may want to have ftp access to the www-root of a webserver for some developers or so. A simple way to do this is using proftpd and jailing your users into www-root directory
aptitude install proftpd
User creation and permissions
First of all you have to create a user, developer f.e. This user has to have www-data as primary group, so that files and folders created by him, get www-data as group-attribute.
This assumes that you’re using debian with apache2, which is usually executed as user www-data.
# create new user with primary group www-data adduser developer --ingroup www-data
To grant your ftp-users some rights on your www-root, you have to change permissions.
chown -R www-data:www-data /var/www chmod -R 775 /var/www
Edit /etc/proftpd/prftpd.conf to set some nice or needed options.
# make proftpd listen on vpn ip (if you like to do) DefaultAddress 10.0.0.1 SocketBindTight on # Use this to jail all users in their homes DefaultRoot /var/www/ # Umask 022 is a good standard umask to prevent new files and dirs # (second parm) from being group and world writable. Umask 006 007 # user access limitations <Limit LOGIN> AllowUser developer DenyAll </Limit>