
FTP site on non-standard port?

inCharge.co.uk

Guest
I'm trying to set up an FTP site to access files outside of the Plesk file structure, to upload & download files that I don't want Plesk to back up.

Rather than mess with Plesk's FTP setup, I set up a separate FTP site in IIS manager on a non-standard port and enabled the port in the Plesk firewall.

I also set up a user account in the Windows user manager and granted it permission to access that disk space.

The FTP client authenticates OK, but then I get 'Invalid PORT Command'.

Any ideas?

Cheers,
Julian
 
The problem is the 2nd FTP channel for data. But that could be any one of a wide range of ports. Windows Firewall doesn't allow you to open a range of ports.

This page suggests opening all ports individually. Is this really necessary?
http://www.newagedigital.com/cgi-bin/newagedigital/articles/ms-firewall-ftp.html

IIS FTP is working fine on port 21. I can't see firewall exceptions that would allow its data channels. How does that work?

If the firewall is switched off then there's no problem, but that's not an option.
 
To enable FTP on a non-standard port, specify every possible data channel port individually as a firewall exception. But first, reduce the number of possible ports by configuring the range like so:

cscript c:\Inetpub\AdminScripts\adsutil.vbs set /MSFTPSVC/PassivePortRange "10000-10007"

Then restart the service.
This example allocates 8 ports in the range 10000 to 10007.
The lower value must be greater than 5000, otherwise the FTP service will not restart.
Make sure that this range doesn't conflict with any other services using the non-standard port range (1025-65535).
(It's good practice to know what ports are used by what and minimise them to reduce the attack surface.)

This property can be set only at the service level i.e. for all FTP sites. You can't set the range individually per site or IP address.
To query the current value use the command:

cscript c:\Inetpub\AdminScripts\adsutil.vbs enum /MSFTPSVC

If PassivePortRange isn't among the settings listed, then it's using the default 1025-5000
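
A check for the procedure in the last post, added here as an example and not part of the original thread: it parses the 227 (PASV) replies from an FTP client log, confirms the server hands out data ports inside the configured PassivePortRange, and lists the ports that need firewall exceptions. The function names and sample replies are constructed for illustration; the range limits are the ones stated in the post.

```python
import re

# Assumption: the range set with adsutil.vbs in the post above.
PASSIVE_PORT_RANGE = "10000-10007"

# RFC 959 PASV reply: 227 <text> (h1,h2,h3,h4,p1,p2)
PASV_REPLY = re.compile(r"^227\b.*\((\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\)")


def parse_range(spec):
    """Parse 'low-high', enforcing the limits given in the post."""
    low, high = (int(part) for part in spec.split("-"))
    if not 5000 < low <= high <= 65535:
        raise ValueError("range must satisfy 5000 < low <= high <= 65535")
    return low, high


def pasv_endpoint(reply):
    """Return (host, port) from a 227 reply, or None if it is not one."""
    match = PASV_REPLY.match(reply.strip())
    if not match:
        return None
    octets = [int(group) for group in match.groups()]
    if any(octet > 255 for octet in octets):
        return None
    return ".".join(str(o) for o in octets[:4]), octets[4] * 256 + octets[5]


def audit(replies, spec=PASSIVE_PORT_RANGE):
    """List ports needing firewall exceptions and any PASV port outside them."""
    low, high = parse_range(spec)
    outside = []
    for reply in replies:
        endpoint = pasv_endpoint(reply)
        if endpoint and not low <= endpoint[1] <= high:
            outside.append(endpoint[1])
    return {"open": list(range(low, high + 1)), "outside": outside}


# Constructed sample replies, as an FTP client log would show them.
SAMPLE_REPLIES = [
    "227 Entering Passive Mode (192,0,2,10,39,19)",  # port 10003
    "227 Entering Passive Mode (192,0,2,10,39,23)",  # port 10007
    "227 Entering Passive Mode (192,0,2,10,4,18)",   # port 1042, default range
    "230 User logged in.",
]

if __name__ == "__main__":
    print(audit(SAMPLE_REPLIES))
```

A port reported under "outside" means the service is still using a different range, for example because it was not restarted after the change.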
 