|What do you mean by "secure"? That will dictate what you do. |
Off the top of my head... with 10, create a container/zone for the web server. Then start editing you ftp access files: /etc/ftpd, for your real, anonymous or guest use... again it will all depend on what you want to do. Man the files, that should lead you in the right direction. You will want to make sure you chroot your environment so people won't be able to pull root files.
If it's a high traffic site, look into taking ftpd out of inetd and running it as a stand alone server. (NOTE: 2.10 has a new trick where you can't just hup the daemon anymore.... I forget what it is, double check your /var/adm/messages to make sure you don't have errors.)
Sun's Bigadmin might have an article on ftp. IT DOES HAVE ONE FOR ZONES!
A helpful hint.... DOCUMENT WHAT YOU DO. It really comes in handy later in life... and you don't have to reinvent the wheel.