Bug Reporting & Security Guidelines
As the code develops and changes, there will always be new "features" and bugs introduced. While the developers always strive to attain perfection, mistakes and the unexpected do occur.
Diagnosing Problems
Before wading in to track down a problem, it's worth consulting the FAQ and the bug reporting system to see if there are any reports of similar issues.
- Guide on tracking proftpd bugs
- How to Ask Questions the Smart Way
- All open bugs
- All bugs with severity 'normal' or higher
- Requested Enhancements
Reporting Security Issues
Security Contact
Report security-related problems to security@proftpd.org first, before disclosing them in a public forum.
This address cannot accept regular bug reports or other queries. Please use the bug reporting system for those.
The ProFTPD Project takes a very active stance in eliminating security problems and denial of service attacks against the ProFTPD FTP server. We are firm believers in responsible full disclosure and do our best to follow RFPolicy whenever possible.
Please note that all networked servers are subject to denial of service attacks, and we cannot promise magic workarounds to generic problems or issues which are a result of the host OS. In general, our philosophy is to avoid any attacks which can cause the server to consume resources in a non-linear relationship to the size of inputs.