Were currently forced to run a port 22 varitey ftp server, which I dont like and trying to lock down as well as possible.

One thing I noticed, is the main account username for the domains, if created with the WHM default is simply the first 8 chars of the domain name and obviously easy to guess. I want to disable ftp access to the home directory root for the accounts, and also disable the "main user account" for ftp for each domain as well, opting for a more limited access & harder to guess ftp login user name .

I also want to disable pure-ftp access for certian domains. It doesent seem that this is configurable either.

Im I missing something? I dont see any options to configure much. In WHM FTP server config, there is a "Allow Logins with Root Password" I set to no. This seemed to work for some accounts where it ftp login for the main user account is denied. But for other accounts, it seems not to have any effect, even after restarting.

Also, there is a deamon called pure-auth that seems to start with pureftp, but cannot see any config for that either.

Is there any info on how to lock down pure-ftp beyond the simple? It seems on reading pure-ftp docs, there is no mention of finer grained control. I wanted to see if anyone else knows the best way to lock down the pure-ftp server or any other ideas.

Thanks in advance for any tips!

-Kelly