{"id":1561,"date":"2019-04-24T11:50:03","date_gmt":"2019-04-24T06:20:03","guid":{"rendered":"https:\/\/www.coimbatorewebhosting.com\/blog\/?p=1561"},"modified":"2019-05-15T16:32:09","modified_gmt":"2019-05-15T11:02:09","slug":"ftp-passive-ports-range-cpanel","status":"publish","type":"post","link":"https:\/\/coimbatorewebhosting.com\/blog\/ftp-passive-ports-range-cpanel\/","title":{"rendered":"Configuring FTP Passive ports range in cPanel server"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_82_2 counter-hierarchy ez-toc-counter ez-toc-grey ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/coimbatorewebhosting.com\/blog\/ftp-passive-ports-range-cpanel\/#Configuring_FTP_Passive_ports_range_in_cPanel_server\" >Configuring FTP Passive ports range in cPanel server<\/a><ul class='ez-toc-list-level-4' ><li class='ez-toc-heading-level-4'><ul class='ez-toc-list-level-4' ><li class='ez-toc-heading-level-4'><ul class='ez-toc-list-level-4' ><li class='ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/coimbatorewebhosting.com\/blog\/ftp-passive-ports-range-cpanel\/#Active_mode_vs_Passive_mode_%E2%80%93_which_is_more_convenient_for_you\" >Active mode vs Passive mode &#8211; which is more convenient for you?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/coimbatorewebhosting.com\/blog\/ftp-passive-ports-range-cpanel\/#How_to_Enable_the_passive_port_range_for_Pure-FTPd\" >How to Enable the passive port range for Pure-FTPd<\/a><\/li><\/ul><\/li><\/ul><\/li><\/ul><\/li><\/ul><\/nav><\/div>\n<h1 class=\"post-title entry-title fittexted_for_single_post_title\"><span class=\"ez-toc-section\" id=\"Configuring_FTP_Passive_ports_range_in_cPanel_server\"><\/span>Configuring FTP Passive ports range in cPanel server<span class=\"ez-toc-section-end\"><\/span><\/h1>\n<p>FTP uses two ports, a data port and a command port, to transfer information between a client and a server. During a typical active mode session, the command port uses port 21 and the data port uses port 20. When you use a passive mode, however, the data port does not always use port 20.<\/p>\n<p>Let see about, what is\u00a0 Active FTP and what is Passive FTP ?<\/p>\n<p><strong>ACTIVE FTP<\/strong><\/p>\n<p>In <em>active<\/em> mode, the FTP server responds to the connection attempt and returns a connection request from a different port to the FTP client. Network Address Translation (NAT) configurations block this connection request.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-1563\" src=\"https:\/\/www.coimbatorewebhosting.com\/blog\/wp-content\/uploads\/2019\/04\/FTP-passive-pots.png\" alt=\"\" width=\"400\" height=\"168\" srcset=\"https:\/\/coimbatorewebhosting.com\/blog\/wp-content\/uploads\/2019\/04\/FTP-passive-pots.png 400w, https:\/\/coimbatorewebhosting.com\/blog\/wp-content\/uploads\/2019\/04\/FTP-passive-pots-300x126.png 300w\" sizes=\"auto, (max-width: 400px) 100vw, 400px\" \/><\/p>\n<p>In the above figure, a user connects from a random port on a file transfer client to port 21 on the server. It sends the PORT command, specifying what client-side port the server should connect to. This port will be used later on for the data channel and is different from the port used in this step for the command channel.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-1564 size-full\" src=\"https:\/\/www.coimbatorewebhosting.com\/blog\/wp-content\/uploads\/2019\/04\/FTP1.png\" alt=\"FTP\" width=\"431\" height=\"241\" srcset=\"https:\/\/coimbatorewebhosting.com\/blog\/wp-content\/uploads\/2019\/04\/FTP1.png 431w, https:\/\/coimbatorewebhosting.com\/blog\/wp-content\/uploads\/2019\/04\/FTP1-300x168.png 300w\" sizes=\"auto, (max-width: 431px) 100vw, 431px\" \/>In the above figure, the server connects from port 20 to the client port designated for the data channel. Once connection is established, file <a  href=\"https:\/\/www.coimbatorewebhosting.com\/blog\/list-of-commands-to-config-vps-through-ssh-putty\/\" title=\"transfers\" alt=\"transfers\">transfers<\/a> are then made through these client and server ports.<\/p>\n<p><strong>PASSIVE FTP<\/strong><\/p>\n<p>In <em>passive<\/em> mode, the FTP client initiates both connection attempts. NAT configurations do <strong>not<\/strong> block this connection request.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-1565\" src=\"https:\/\/www.coimbatorewebhosting.com\/blog\/wp-content\/uploads\/2019\/04\/ftp2.png\" alt=\"\" width=\"432\" height=\"232\" srcset=\"https:\/\/coimbatorewebhosting.com\/blog\/wp-content\/uploads\/2019\/04\/ftp2.png 432w, https:\/\/coimbatorewebhosting.com\/blog\/wp-content\/uploads\/2019\/04\/ftp2-300x161.png 300w\" sizes=\"auto, (max-width: 432px) 100vw, 432px\" \/>In the above figure, the client connects from a random port to port 21 on the server and issues the PASV command. The server replies, indicating which (random) port it has opened for data transfer.The client connects from another random port to the random port specified in the server\u2019s response. Once connection is established, data transfers are made through these client and server ports.<\/p>\n<h4>Active mode vs Passive mode - which is more convenient for you?<\/h4>\n<p>If you compare the above two diagrams, one things that should really stand out are the opposing directions at which the second arrows (which also represent the data channels) are pointing to.<\/p>\n<p><span id=\"hs_cos_wrapper_post_body\" class=\"hs_cos_wrapper hs_cos_wrapper_meta_field hs_cos_wrapper_type_rich_text\" data-hs-cos-general-type=\"meta_field\" data-hs-cos-type=\"rich_text\">Remember that in an active mode configuration, the server will attempt to connect to a <strong>random<\/strong> client-side port. So chances are, that port wouldn't be one of those predefined ports. As a result, an attempt to connect to it will be blocked by the firewall and <a  href=\"https:\/\/www.coimbatorewebhosting.com\/blog\/need-of-dedicated-ip-address\/\" title=\"no connection\" alt=\"no connection\">no connection<\/a> will be established<\/span><\/p>\n<h4 class=\"fittexted_for_content_h4\"><span class=\"ez-toc-section\" id=\"How_to_Enable_the_passive_port_range_for_Pure-FTPd\"><\/span><strong>How to Enable the passive port range for Pure-FTPd<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p>Login to your server <a href=\"https:\/\/www.webhostingchennai.co.in\/blog\/change-ssh-port\/\" rel=\"nofollow noopener\" target=\"_blank\">SSH<\/a> with root, edit the pure-FTPd configuration <a href=\"https:\/\/www.coimbatorewebhosting.com\/blog\/log-for-noconnections-from-an-ip\/\" title=\"file\" alt=\"file\">file<\/a> with below command and search for \u201cPassivePortRange\u201d<\/p>\n<pre>[root@coimbatorewebhosting~]# nano \/etc\/pure-ftpd.conf\r\n\r\n. . . .\r\n# Port range for passive connections replies. - for firewalling.\r\nPassivePortRange 30000 45000\r\n. . . .\r\n<\/pre>\n<p>Modify it as above, save the configuration file and restart the service<\/p>\n<pre>[root@coimbatorewebhosting ~]# service pure-ftpd restart<\/pre>\n<p>Note : Changes made directly to the \/etc\/pure-ftpd.conf file will be overwritten any time the configuration file is rebuilt, which could happen during updates. Changes made to the template file will be applied when the configuration file is rebuilt, so you will want to modify that so your changes are added if the file is rebuilt.<\/p>\n<p>Modify the template file with below command.<\/p>\n<pre>[root@coimbatorewebhosting ~]# nano \/var\/cpanel\/conf\/pureftpd\/main\r\n\r\n. . . .\r\n. . . .\r\nMaxLoad: 4\r\nMinUID: 100\r\nNoAnonymous: 'yes'\r\nPassivePortRange: 30000 45000\r\nProhibitDotFilesRead: 'no'\r\nProhibitDotFilesWrite: 'no'\r\n\r\n. . . . .\r\n<\/pre>\n<p>After modifying that, you can run this command to rebuild the ftp configuration file with your changes, then restart ftp.<\/p>\n<pre>[root@coimbatorewebhosting ~]# \/usr\/local\/cpanel\/bin\/build_ftp_conf\r\n[root@coimbatorewebhosting ~]# \/scripts\/restartsrv_ftpd<\/pre>\n<p>Now, you can able to connect FTP with Passive mode.<\/p>\n<p>Note : Make sure you have configured this passive port range in your <a href=\"https:\/\/configserver.com\/cp\/csf.html\" target=\"_blank\" rel=\"noopener nofollow\">CSF<\/a>, to add this port range in csf use the below command.<\/p>\n<pre>[root@coimbatorewebhosting ~]# nano \/etc\/csf\/csf.conf\r\n\r\n# Allow incoming TCP ports\r\nTCP_IN=\"20,21,22,25,53,80,110,143,443,465,587,2082,2083,2086,2087,2095,2096,30000:45000\"\r\n\r\n# Allow outgoing TCP ports\r\nTCP_OUT = \"20,21,22,25,37,43,53,80,110,113,443,587,873,993,995,2086,2087,2089,2703,30000:45000\"<\/pre>\n<p>Include the Passive Port range and reload the csf<\/p>\n<pre>[root@coimbatorewebhosting ~]# csf -r<\/pre>\n<p>Hope this article helps you, please share your comments to improve better.<\/p>\n<p>And to know about Linux Common Firewall Rules and Commands in iptables <a href=\"https:\/\/www.coimbatorewebhosting.com\/blog\/firewall-rules-commands-iptables\/\">click here.<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Configuring FTP Passive ports range in cPanel server FTP uses two ports, a data port and a command port, to transfer information between a client and a server. During a typical active mode session, the command port uses port 21 and the data port uses port 20. When you use [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":1569,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[154,17,3],"tags":[19,164],"class_list":["post-1561","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cpanel-whm","category-general","category-linux","tag-ftp","tag-passive-ports"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/coimbatorewebhosting.com\/blog\/wp-content\/uploads\/2019\/04\/FTP-passive-pots-1.png","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pa2YU7-pb","_links":{"self":[{"href":"https:\/\/coimbatorewebhosting.com\/blog\/wp-json\/wp\/v2\/posts\/1561","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/coimbatorewebhosting.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/coimbatorewebhosting.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/coimbatorewebhosting.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/coimbatorewebhosting.com\/blog\/wp-json\/wp\/v2\/comments?post=1561"}],"version-history":[{"count":0,"href":"https:\/\/coimbatorewebhosting.com\/blog\/wp-json\/wp\/v2\/posts\/1561\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/coimbatorewebhosting.com\/blog\/wp-json\/wp\/v2\/media\/1569"}],"wp:attachment":[{"href":"https:\/\/coimbatorewebhosting.com\/blog\/wp-json\/wp\/v2\/media?parent=1561"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/coimbatorewebhosting.com\/blog\/wp-json\/wp\/v2\/categories?post=1561"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/coimbatorewebhosting.com\/blog\/wp-json\/wp\/v2\/tags?post=1561"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}