HOW TO: Enable FTP Passive Mode via Command Line
Posted by Asilah A. on 09 February 2021 04:21 PM
|
|
To configure your FTP server, cPanel & WHM version 60 and later:
Pure-FTPd servers To edit the FTP configuration for a PureFTP server, perform the following steps: 1) Log in to the server as the root user via SSH. ForcePassiveIP: 203.0.113.0 If your server does not exist in a NAT configuration, set the ForcePassiveIP option to the following entry: ForcePassiveIP: ~ 4) If you want to change your server's default passive port range, run the following commands: echo "PassivePortRange: 49152 65534" >> /var/cpanel/conf/pureftpd/local 5) Configure your server to allow the passive port range to pass through the firewall. /usr/local/cpanel/scripts/setupftpserver pure-ftpd --force
ProFTPd servers To edit the FTP configuration for a ProFTPd server, perform the following steps: 1) Log in to the server as the root user via SSH. MasqueradeAddress: 203.0.113.0 If your server does not exist in a NAT configuration, set the MasqueradeAddress option to the following entry: MasqueradeAddress: ~ 4) If you want to change your server's default passive port range, run the following commands: echo "PassivePorts: 49152 65534" >> /var/cpanel/conf/proftpd/local 5) Configure your server to allow the passive port range to pass through the firewall. To do this, follow the directions in the Configure the firewall section below. /usr/local/cpanel/scripts/setupftpserver proftpd --force
Configure the Firewall ==== If you use the CSF plugin to manage your server's firewall, open the /etc/csf/csf.conf file, and confirm that the passive port range exists at the end of the TCP_IN line. The system adds your FTP server's passive port range to the firewall by default. WHM > CSF > Firewall Configuration > TCP_IN add "49152:65534" ==== If you use the IPTABLES application for your FTP server's firewall, perform the following steps to add the passive port range to your server's firewall: 1) Open the /etc/sysconfig/iptables file with a text editor. iptables -I INPUT -p tcp --dport 49152:65534 -j ACCEPT ==== If you use the firewalld application for Linux, run the following commands to add the passive port range to your server's firewall: firewall-cmd --permanent --zone=public --add-service=ftp
If you face any difficulties on the setup, please feel free to contact our support team by submitting a ticket on https://247livesupport.biz or emailing out support team at support@247livesupport.biz. | |
|