If passive mode is not enabled on your FTP server, then a customer who’s trying to use passive mode will timeout when trying to get a directory listing. To enable passive mode on your ftp server on a cPanel server, do the following:
Pure-FTP
- SSH to the server as root (or another user, then su to root)
- vi /etc/pure-ftpd.conf
- Uncomment the following line
- # PassivePortRange 30000 50000
- I will typically change the range to something lower though. change 50000 to 35000. This will enable 5,000 ports instead of 20,000 ports
- Save the file and restart pure-ftpd
Proftpd
- SSH to the server as root (or another user, then su to root)
- vi
/etc/proftpd.conf - Add the following line to the first section of the configuration file:
PassivePortRange 30000 35000
- Save the file, then restart proftpd
NOTE:
If you have a very busy server in regards to FTP, then you should indeed enable more ports, and perhaps go with the 20,000 ports (ie: 30000 – 50000)
If you have CSF installed, then you’ll also need to enable these ports in CSF. I’ll list those steps bellow:
Enable ports in CSF Firewall
- SSH to the server as root (or another user, then su to root)
- vi /etc/csf/csf.conf
- Search for the line that starts with TCP_IN =
- At the end of this line (inside of the quotation marks) add this
- 30000:35000
- Save the file
- Flush and restart CSF
- csf -f
- csf -r
The 30000:35000 means that it will allow ALL ports between 30000 and 35000 through the firewall.
