virtualmin · iliaross · May 8, 2026 · May 8, 2026 · May 9, 2026 · May 9, 2026
diff --git a/backup-domain.pl b/backup-domain.pl
@@ -116,7 +116,8 @@ package virtual_server;
 		}
 	elsif ($a eq "--feature") {
 		local $f = shift(@ARGV);
-		$f eq "virtualmin" || $config{$f} ||
+		$f eq "virtualmin" ||
+		   (&indexof($f, @features) >= 0 && $config{$f}) ||
 		   &indexof($f, &list_backup_plugins()) >= 0 ||
 			&usage("Feature $f is not enabled on this system");
 		push(@bfeats, $f);
@@ -521,4 +522,3 @@ sub usage
 print "Multiple destinations can be given by repeating this flag.\n";
 exit(1);
 }
-
diff --git a/backup.pl b/backup.pl
@@ -387,5 +387,3 @@ sub usage
 print "                 [--force-email]\n";
 exit(1);
 }
-
-
diff --git a/config b/config
@@ -3,7 +3,6 @@ mail=1
 web=1
 dns=1
 mysql=1
-ftp=0
 webalizer=0
 iface=
 shell=/dev/null
@@ -39,7 +38,6 @@ udisplay_max=
 postgres=0
 avail_change-user=1
 apache_config=ServerName ${DOM}	ServerAlias www.${DOM}	ServerAlias mail.${DOM}	DocumentRoot ${HOME}/public_html	ErrorLog /var/log/virtualmin/${DOM}_error_log	CustomLog /var/log/virtualmin/${DOM}_access_log combined	ScriptAlias /cgi-bin/ ${HOME}/cgi-bin/	DirectoryIndex index.php index.htm index.html	<Directory ${HOME}/public_html>	    Options -Indexes +IncludesNOEXEC +SymLinksIfOwnerMatch 	    Require all granted	    AllowOverride All	</Directory>	<Directory ${HOME}/cgi-bin>	    Require all granted	    AllowOverride All	</Directory>
-proftpd_config=ServerName ${DOM}	ServerAlias ftp.${DOM}	<Anonymous ${HOME}/ftp>	User ftp	Group ftp	UserAlias anonymous ftp	<Limit WRITE>	DenyAll	</Limit>	RequireValidShell off	ExtendedLog ${HOME}/logs/ftp.log	</Anonymous>
 domain_template=none
 subdomain_template=none
 user_template=none
@@ -49,7 +47,7 @@ reseller_template=none
 edit_afiles=1
 edit_homes=0
 alias_types=1,2,5,6,7,8,9,10,11,12,13
-disable=unix,mail,web,dns,mysql,postgres,ftp
+disable=unix,mail,web,dns,mysql,postgres
 webmin_theme=*
 leave_acl=0
 hard_quotas=1
@@ -201,7 +199,6 @@ reseller_unix=0
 dovecot_ssl=1
 postfix_ssl=1
 mysql_ssl=1
-proftpd_ssl=1
 cert_type=sha2
 gzip_mysql=1
 show_preview=2

diff --git a/config-freebsd b/config-freebsd
@@ -3,7 +3,6 @@ mail=1
 web=1
 dns=1
 mysql=1
-ftp=0
 webalizer=0
 iface=
 shell=/dev/null
@@ -39,7 +38,6 @@ udisplay_max=
 postgres=0
 avail_change-user=1
 apache_config=ServerName ${DOM}	ServerAlias www.${DOM}	ServerAlias mail.${DOM}	DocumentRoot ${HOME}/public_html	ErrorLog /var/log/virtualmin/${DOM}_error_log	CustomLog /var/log/virtualmin/${DOM}_access_log combined	ScriptAlias /cgi-bin/ ${HOME}/cgi-bin/	DirectoryIndex index.php index.htm index.html	<Directory ${HOME}/public_html>	Options -Indexes +IncludesNOEXEC +SymLinksIfOwnerMatch	Require all granted	AllowOverride All	</Directory>	<Directory ${HOME}/cgi-bin>	Require all granted	AllowOverride All	</Directory>
-proftpd_config=ServerName ${DOM}	ServerAlias ftp.${DOM}	<Anonymous ${HOME}/ftp>	User nobody	Group nogroup	UserAlias anonymous nobody	<Limit WRITE>	DenyAll	</Limit>	RequireValidShell off	ExtendedLog ${HOME}/logs/ftp.log	</Anonymous>
 domain_template=none
 subdomain_template=none
 user_template=none
@@ -49,7 +47,7 @@ reseller_template=none
 edit_afiles=1
 edit_homes=0
 alias_types=1,2,5,6,7,8,9,10,11,12,13
-disable=unix,mail,web,dns,mysql,postgres,ftp
+disable=unix,mail,web,dns,mysql,postgres
 webmin_theme=*
 leave_acl=0
 hard_quotas=1
@@ -201,7 +199,6 @@ reseller_unix=0
 dovecot_ssl=1
 postfix_ssl=1
 mysql_ssl=1
-proftpd_ssl=1
 cert_type=sha2
 gzip_mysql=1
 show_preview=2

diff --git a/config.info b/config.info
@@ -3,7 +3,7 @@ mail_system=Mail server to configure,4,0-Postfix,1-Sendmail,2-Qmail,3-Detect aut
 generics=Also update outgoing addresses for mailboxes?,1,1-Yes,0-No
 bccs=Allow automatic BCCing of outgoing email?,1,1-Yes,0-No
 quotas=Set quotas for domain and mail users?,1,1-Yes (if enabled),0-No
-disable=Features to deactivate when disabling,13,unix-Administration user (lock account),mail-Mail (lock mailboxes),web-Website (replace site with error page),dns-DNS (stop serving domain),mysql-MySQL (disallow login by MySQL user),postgres-PostgreSQL (disallow login by PostgreSQL user),ftp-ProFTPD (deny access)
+disable=Features to deactivate when disabling,13,unix-Administration user (lock account),mail-Mail (lock mailboxes),web-Website (replace site with error page),dns-DNS (stop serving domain),mysql-MySQL (disallow login by MySQL user),postgres-PostgreSQL (disallow login by PostgreSQL user)
 disable_mail=When disabling email,1,1-Just lock mailboxes,0-Lock mailboxes and stop accepting email
 ldap=Store users and groups,1,1-In LDAP database,0-In local files
 preload_mode=Preload Virtualmin libraries at startup?,1,2-All libraries,1-Only core,0-No

diff --git a/copycert-lib.pl b/copycert-lib.pl
@@ -38,10 +38,10 @@ sub list_service_ssl_cert_types
 		   'virt' => 1,
 		   'short' => 'p' });
 	}
-if ($config{'ftp'} || &foreign_installed("proftpd")) {
+if (&has_proftpd_support()) {
 	push(@rv, {'id' => 'proftpd',
 		   'dom' => 0,
-		   'virt' => 1,
+		   'virt' => 0,
 		   'short' => 'f' });
 	}
 if ($config{'mysql'}) {
@@ -254,48 +254,23 @@ sub get_all_service_ssl_certs
 		}
 	}
 
-if ($config{'ftp'} || &foreign_installed("proftpd")) {
-	# Check ProFTPd per-IP certificate
-	&foreign_require("proftpd");
-	my $conf = &proftpd::get_config();
-	if ($perip) {
-		my ($virt, $vconf) = &get_proftpd_virtual($d);
-		if ($virt) {
-			my $cfile = &proftpd::find_directive(
-					"TLSRSACertificateFile", $vconf);
-			$cfile ||= &proftpd::find_directive(
-					"TLSECCertificateFile", $vconf);
-			my $kfile = &proftpd::find_directive(
-					"TLSRSACertificateKeyFile", $vconf);
-			$kfile ||= &proftpd::find_directive(
-					"TLSECCertificateKeyFile", $vconf);
-			my $cafile = &proftpd::find_directive(
-					"TLSCACertificateFile", $vconf);
-			if ($cfile) {
-				push(@svcs, { 'id' => 'proftpd',
-					      'cert' => $cfile,
-					      'key' => $kfile,
-					      'ca' => $cafile,
-					      'prefix' => 'ftp',
-					      'port' => 990,
-					      'ip' => $d->{'ip'},
-					      'd' => $d,
-					    });
-				}
-			}
-		}
-
+my $proftpd_conf;
+if (&has_proftpd_support()) {
 	# Check ProFTPd global certificate
+	&foreign_require("proftpd");
+	$proftpd_conf = &proftpd::get_config();
+	}
+if ($proftpd_conf) {
 	my $cfile = &proftpd::find_directive(
-			"TLSRSACertificateFile", $conf);
+			"TLSRSACertificateFile", $proftpd_conf);
 	$cfile ||= &proftpd::find_directive(
-			"TLSECCertificateFile", $conf);
+			"TLSECCertificateFile", $proftpd_conf);
 	my $kfile = &proftpd::find_directive(
-			"TLSRSACertificateKeyFile", $conf);
+			"TLSRSACertificateKeyFile", $proftpd_conf);
 	$kfile ||= &proftpd::find_directive(
-			"TLSECCertificateKeyFile", $conf);
+			"TLSECCertificateKeyFile", $proftpd_conf);
 	my $cafile = &proftpd::find_directive(
-			"TLSCACertificateFile", $conf);
+			"TLSCACertificateFile", $proftpd_conf);
 	if ($cfile) {
 		push(@svcs, { 'id' => 'proftpd',
 			      'cert' => $cfile,
@@ -702,6 +677,7 @@ sub copy_proftpd_ssl_service
 my ($d) = @_;
 
 # Get the ProFTPd config and cert files
+&has_proftpd_support() || &error($text{'copycert_eproftpd'});
 &foreign_require("proftpd");
 &proftpd::lock_proftpd_files();
 my $conf = &proftpd::get_config();

diff --git a/create-scheduled-backup.pl b/create-scheduled-backup.pl
@@ -122,7 +122,8 @@ package virtual_server;
 		}
 	elsif ($a eq "--feature") {
 		local $f = shift(@ARGV);
-		$f eq "virtualmin" || $config{$f} ||
+		$f eq "virtualmin" ||
+		   (&indexof($f, @features) >= 0 && $config{$f}) ||
 		   &indexof($f, &list_backup_plugins()) >= 0 ||
 			&usage("Feature $f is not enabled on this system");
 		push(@bfeats, $f);
@@ -437,4 +438,3 @@ sub usage
 print "Multiple destinations can be given by repeating this flag.\n";
 exit(1);
 }
-
diff --git a/edit_newbw.cgi b/edit_newbw.cgi
@@ -126,7 +126,7 @@ print &ui_table_row(&hlink($text{'newbw_servers'}, "bandwidth_serversmode"),
 				   [ &list_visible_domains() ]));
 
 # Log files for FTP and mail
-$defftplog = $config{'ftp'} ? &get_proftpd_log() : undef;
+$defftplog = &get_proftpd_log();
 print &ui_table_row(&hlink($text{'newbw_ftplog'}, "bandwidth_ftplog_def"),
 	&ui_opt_textbox("ftplog", $config{'bw_ftplog'}, 40,
 	  $defftplog ? &text('newbw_ftplogdef', "<tt>$defftplog</tt>")."<br>"
@@ -175,4 +175,3 @@ if ($config{'bw_active'} && $virtualmin_pro) {
 print &ui_buttons_end();
 
 &ui_print_footer("", $text{'index_return'});
-
diff --git a/edit_user.cgi b/edit_user.cgi
@@ -157,7 +157,7 @@ elsif ($user_type eq 'ftp') {
 	$user = &create_initial_user($d, undef, 1);
 
 	# FTP user in a sub-server .. check if FTP restrictions are active
-	if ($user->{'webowner'} && $d->{'parent'} && $config{'ftp'}) {
+	if ($user->{'webowner'} && $d->{'parent'} && &has_ftp_chroot()) {
 		my @chroots = &list_ftp_chroots();
 		my ($home) = grep { $_->{'dir'} eq '~' } @chroots;
 		if (!$home) {
@@ -617,7 +617,7 @@ else {
 		}
 
 	# FTP user in a sub-server .. check if FTP restrictions are active
-	if ($user->{'webowner'} && $d->{'parent'} && $config{'ftp'}) {
+	if ($user->{'webowner'} && $d->{'parent'} && &has_ftp_chroot()) {
 		my @chroots = &list_ftp_chroots();
 		my ($home) = grep { $_->{'dir'} eq '~' } @chroots;
 		if (!$home) {
Original file line number	Diff line number	Diff line change
Expand Up		@@ -387,5 +387,3 @@ sub usage
		print " [--force-email]\n";
		exit(1);
		}