ProFTPD for wordpress

In order to make updating wordpress nice and easy, you should install an ftp server.  What we do not account for in this setup, is having more than one wordpress site, or other service, accessible via ftp.

For security, you want to listen only on localhost, regardless of whether you have a firewall, as you should not depend on one level of security.

SocketBindTight                 on
DefaultAddress                  localhost

Some more basic changes that I made…

DefaultRoot                 /var/www/site/
#AuthOrder                 mod_auth_pam.c* mod_auth_unix.c

Lastly, you need to add a user and give them a password.  Always remember that you should never give the apache group write access to everything in /var/www, otherwise you are open to more exploits.

useradd -m -g apache blog
passwd blog
chown -R blog:apache /var/www/site