
FTP users problem

CoyoteKG

Regular Pleskian
Hello, since the beginning I have had a problem with FTP on my server.

Server is Debian 8.2 and Plesk 12.5.30 Update #20

I have no idea what it can be...
At the beginning I tried to set it to use FTP root, and maybe I crashed something...

Now, for every webspace I created, and the FTP user for that webspace, I can't use FTP.
I tried FTP and SFTP, and ports 21 and 22, and Filezilla and WinSCP...
The only thing I can do is upload over the browser...

Can you help me with where to look and from what point to begin?


edit:
Now I turned the firewall off, and I succeeded in connecting over FTP without a problem...

What can be the problem?
I saw before that in the firewall all connections for the FTP server are allowed:
FTP server - Allow incoming from all
 
Hello,

The config of FTP behind a firewall (client side or server side) is tricky but it is easy to fix if you know what is going on.

Remember that the FTP protocol uses separate TCP connections for the commands and the data transfer. In fact the port of the data connections is chosen "on the fly" and transmitted in the command connection so that the other side can start the stream pointing to the right TCP port.

If you use the "passive" mode, it is the server that starts listening on one port and indicates to the client which port to use so that the client issues the connect.

If you use the "active" mode, it is the client that starts listening on one port and passes the port to the server, which issues the connect (yes, that's right: in FTP active mode it is the server that connects and the client that listens for the data transfers).

Now here comes the trick: recent versions of Filezilla default to passive mode and SSL, so you need to have the data port to which the client connects open in the firewall. If you switch to active mode (which must be explicitly enabled in Filezilla 3.10+), you need to disable SSL so that your home router detects the port used by your client and establishes an on-the-fly NAT translation.

Since not all routers can be trusted to do the NAT correctly, I use the passive mode, reserving a port range for data connections and opening that port range in the firewall. This can be achieved with the following directive under, let's say, /etc/proftp.d/passive_ports.conf:

PassivePorts <first> <last>

and then inserting the appropriate iptables rules or whichever firewall you are using to have that port range open to the world.

Hoping this helps,

Miguel
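
The data-port negotiation described in the reply above, as an added example that is not part of the original posts: it reads the port announced on the command connection (the 227/229 replies for passive mode, the PORT command for active mode) and reports which side's firewall has to accept the data connection. The function names, the sample lines and the 49152-49252 range standing in for `<first> <last>` are assumptions made for the example.

```python
import re

# Constructed sample range standing in for "PassivePorts <first> <last>".
PASSIVE_RANGE = (49152, 49252)

_TUPLE = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")
_EPSV = re.compile(r"\(\|\|\|(\d{1,5})\|\)")


def data_endpoint(line):
    """Return (mode, host, port) announced by a control-channel line, or None.

    Handles the 227 reply (passive), the 229 reply (extended passive) and the
    PORT command (active). host is None for 229, which reuses the address of
    the command connection.
    """
    line = line.strip()
    if line.startswith("229"):
        m = _EPSV.search(line)
        if m and 0 < int(m.group(1)) <= 65535:
            return ("passive", None, int(m.group(1)))
        return None
    if line.startswith("227"):
        mode = "passive"
    elif line.upper().startswith("PORT "):
        mode = "active"
    else:
        return None
    m = _TUPLE.search(line)
    if not m:
        return None
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        return None
    host = ".".join(str(n) for n in nums[:4])
    return (mode, host, nums[4] * 256 + nums[5])  # port = p1*256 + p2


def firewall_needs(line, passive_range=PASSIVE_RANGE):
    """Say which side must accept the inbound data connection for this line."""
    ep = data_endpoint(line)
    if ep is None:
        return "no data endpoint in this line"
    mode, _host, port = ep
    if mode == "active":
        return f"client side must accept inbound tcp/{port} from the server"
    first, last = passive_range
    if first <= port <= last:
        return f"server firewall must accept inbound tcp/{port} (inside {first}-{last})"
    return f"tcp/{port} is outside {first}-{last}: PassivePorts not in effect"
```

A 227 reply announcing a port outside the reserved range means the directive has not been picked up by the FTP server, so opening the range in the firewall alone will not make passive transfers work.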
 