SSLEngine on
SSLProtocol all -SSLv2 //只允许SSLv3和TLSv1,SSLv2有缺陷禁止掉
SSLCipherSuite RSA:DH:DSS:!EXP:!NULL:!ADH:!EDH:!LOW:!RC4:!MD5:HIGH:MEDIUM //最终的结果就是Key Exchange=RSA/DH,Authentication=RSA/DSS,Cipher Encoding=AES(128/256)/3DES(168),MAC Digest=SHA1
SSLCertificateFile /etc/ssl/certs/nnlm.cer //CA颁发的证书
SSLCertificateKeyFile /etc/ssl/private/nnlm.key //证书的私钥
SSLCertificateChainFile /etc/ssl/certs/chain.cer //证书链,所有的证书链全部写到一个文件里面

Order Allow,Deny Apache ProFTPD
仅匹配Allow Allow Allow
仅匹配Deny Deny Deny
没有匹配 默认Deny 默认Allow
匹配Allow和Deny 最后匹配Deny 首先匹配Allow

Order Deny,Allow Apache ProFTPD
仅匹配Allow Allow Allow
仅匹配Deny Deny Deny
没有匹配 默认Allow 默认Deny
匹配Allow和Deny 最后匹配Allow 首先匹配Deny

参考:
http://httpd.apache.org/docs/1.3/mod/mod_access.html
http://www.proftpd.org/docs/directives/linked/config_ref_Order.html
http://www.proftpd.org/docs/howto/Limit.html