You have next situation. You support a number of online "communities" each of which has its own web page. Configure vsftpd so that user ftpguest with password ftpguest is chrooted into /var/www/html/communy and starts in /var/www/html/communy/ftpguest. Do not allow ftpguest to have interactive shell access. Make sure SELinux does not block ftp access to home directories.

[root@security1 ~]# useradd -d /var/www/html/community/ftpguest ftpguest
[root@security1 ~]# setsebool -P ftp_home_dir on

Change /etc/passwd so ftpguest can't login to system.


Change /etc/vsftpd/vsftpd.conf so ftpguest is chroot.


You should add file /etc/vsftpd/chroot_list and inside this file you will chroot users. So inside this file put ftpguest user. Restart service and try to ssh on security1.