To install FTP on Linux Server, click here
1) Open vsftpd.conf (/etc/vsftpd.conf or /etc/vsftpd/vsftpd.conf).
To prevent anonymous log-in, set anonymous_enable=NO.
If anonymous_enable=YES in vsftpd.conf, no username or password is needed: anyone who supplies only the hostname can log in. This is very dangerous.
For security, always set this option to NO.
2) This content is harmful in your vsftpd PAM file.
Never make auth sufficient; it should always be required. A sufficient module that fails is ignored, so the login can still pass on the lines that follow it.
If your vsftpd PAM file (/etc/pam.d/vsftpd) has the following content, it will allow a blank or wrong password. This is a threat to your security.
auth sufficient /lib/security/pam_pwdfile.so pwdfile /home/ftp/passwd
auth required pam_shells.so
account required pam_permit.so
Never leave your vsftpd PAM file with the above content.
3) Never allow a blank or wrong password for an FTP user.
Make sure your vsftpd PAM file has the following content.
On Debian or Ubuntu:
auth required pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed
@include common-account
@include common-session
@include common-auth
auth required pam_shells.so
On CentOS or RHEL:
session optional pam_keyinit.so force revoke
auth required pam_listfile.so item=user sense=deny file=/etc/vsftpd/ftpusers onerr=succeed
auth required pam_shells.so
auth include password-auth
session include password-auth
session required pam_loginuid.so
account include password-auth
4) Whenever you change vsftpd.conf, restart vsftpd so that the change takes effect.
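The script below is an added example, not part of the original post: it reads the effective anonymous_enable value from a vsftpd.conf and walks the auth lines of a PAM file as a login attempt with a wrong password. The function names, the sample files and the list of modules assumed to succeed without checking a password are assumptions of this example.

```sh
#!/bin/sh
# Added example, not from the original post. Sample files below are constructed.

# Prints "enabled" or "disabled" for anonymous login in a vsftpd.conf.
# vsftpd enables it by default; the last setting in the file is assumed to win.
anon_state() {
    awk -F= '$1 == "anonymous_enable" { v = toupper($2); gsub(/[ \t\r]/, "", v) }
        END { print ((v == "NO" || v == "FALSE" || v == "0") ? "disabled" : "enabled") }' "$1"
}

# Walks the auth lines of a PAM service file as a login with a WRONG password
# and prints "accepts" or "rejects".
# Assumptions: pam_shells, pam_listfile and pam_permit succeed without checking
# a password; any other module or included auth stack fails on a wrong one.
# [value=action] controls are not modelled.
wrong_password_result() {
    awk '
        $1 == "@include" && $2 ~ /auth/ { failed = 1; next }  # Debian-style include
        $1 != "auth" { next }
        {
            ok = ($3 ~ /pam_(shells|listfile|permit)\.so$/)
            if ($2 == "sufficient" && ok && !failed) exit      # success ends the stack
            if ($2 == "requisite" && !ok) { failed = 1; exit } # failure ends the stack
            if ($2 ~ /^(required|include|substack)$/ && !ok) failed = 1
            # a failed "sufficient" or "optional" line is simply ignored
        }
        END { print (failed ? "rejects" : "accepts") }' "$1"
}

SAMPLES=$(mktemp -d)
cat > "$SAMPLES/weak.pam" <<'EOF'
auth sufficient /lib/security/pam_pwdfile.so pwdfile /home/ftp/passwd
auth required pam_shells.so
account required pam_permit.so
EOF
cat > "$SAMPLES/debian.pam" <<'EOF'
auth required pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed
@include common-account
@include common-session
@include common-auth
auth required pam_shells.so
EOF
printf 'listen=YES\nanonymous_enable=NO\n' > "$SAMPLES/vsftpd.conf"

echo "weak PAM file:   $(wrong_password_result "$SAMPLES/weak.pam") a wrong password"
echo "Debian PAM file: $(wrong_password_result "$SAMPLES/debian.pam") a wrong password"
echo "anonymous login: $(anon_state "$SAMPLES/vsftpd.conf")"
```

To check a real server, call the two functions on /etc/pam.d/vsftpd and on your vsftpd.conf instead of the sample files.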