Of course, we can use TLSRequired off in our ProFTPd configuration as this allows for TLS and non-TLS logins, but if you want to make your FTP setup as secure as possible, you should enforce the use of TLS and make exceptions only for the users or groups that use an FTP client that doesn't support TLS (if using another FTP client is not an option for those users). If we want to allow the FTP user testuser to use plain FTP instead of FTP, we can configure this as follows: PATH: /etc/proftpd/conf.d/99_override.conf TLSRequired off