[Proftpd-user] No TLS for connections from localhost - proftpd

This is a discussion on [Proftpd-user] No TLS for connections from localhost - proftpd ; My server is running proftpd with TLS - and works fine. For all connections from localhost (i.g. a webapplikation on the same machine) I want TLS being disabled. Is this possible with only one host, or do I have to ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: [Proftpd-user] No TLS for connections from localhost

  1. [Proftpd-user] No TLS for connections from localhost

    My server is running proftpd with TLS - and works fine.
    For all connections from localhost (i.g. a webapplikation on the same machine) I want TLS being disabled.
    Is this possible with only one host, or do I have to configure an additional vhost wothout TLS and logins limited to localhost ??

    Thanks for any ideas and comment.
    Quirn




    -------------------------------------------------------------------------
    This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
    Build the coolest Linux based applications with Moblin SDK & win great prizes
    Grand prize is a trip for two to an Open Source event anywhere in the world
    http://moblin-contest.org/redirect.p...r_id=100&url=/
    _______________________________________________
    ProFTPD Users List
    Unsubscribe problems?
    http://www.proftpd.org/list-unsub.html


  2. Re: [Proftpd-user] No TLS for connections from localhost


    > For all connections from localhost (i.g. a webapplikation on the same
    > machine) I want TLS being disabled. Is this possible with only one
    > host, or do I have to configure an additional vhost wothout TLS and
    > logins limited to localhost ??


    You can use the mod_ifsession module, and Classes, for doing this:

    http://www.proftpd.org/docs/contrib/mod_ifsession.html
    http://www.proftpd.org/docs/howto/Classes.html

    Using these, you could use something like the following in your
    proftpd.conf:


    From localhost 127.0.0.1



    ...


    # TLS is not required for clients from this class
    TLSRequired off



    # All other clients need to use SSL/TLS
    TLSRequired on




    If instead of requiring SSL/TLS (via the TLSRequired directive), you might
    use the TLSEngine directive, depending on what functionality you need.

    Hope this helps,
    TJ

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    It is a strange desire to seek power and to lose liberty.

    -Francis Bacon

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


    -------------------------------------------------------------------------
    This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
    Build the coolest Linux based applications with Moblin SDK & win great prizes
    Grand prize is a trip for two to an Open Source event anywhere in the world
    http://moblin-contest.org/redirect.p...r_id=100&url=/
    _______________________________________________
    ProFTPD Users List
    Unsubscribe problems?
    http://www.proftpd.org/list-unsub.html


+ Reply to Thread