Tweet
If you running a FTP server (Pureftp/Proftp) with a CSF firewall (very importantly in VPS or virtuozzo etc), it is very important to to enable passive mode, because this mode, works best for ftp clients protected by firewall since the client initiates the connection. If you dont enable this mode in VPS you might encounter problems like ftp server will be unresponsive or hang.
How to enable passive mode?
1. Add Passive Port range 30000-350000 to your Pureftp or Proftp configuration file
(i) Pureftpd
open /etc/pure-ftpd.conf, and this line
(ii) ProFTP
Open /etc/proftpd.conf, and add this line
2. Open the ports from 30000 – 35000 in your CSF firewall configuration file under TCP_IN
Open /etc/csf/csf.conf
Then restart firewall and ftp server.
Once this is done, open your ftp client and try connecting to ftp server. It should be able to work in passive mode.
How to enable passive mode?
1. Add Passive Port range 30000-350000 to your Pureftp or Proftp configuration file
(i) Pureftpd
open /etc/pure-ftpd.conf, and this line
Code:
PassivePortRange 30000 35000
(ii) ProFTP
Open /etc/proftpd.conf, and add this line
Code:
PassivePorts 30000 35000
2. Open the ports from 30000 – 35000 in your CSF firewall configuration file under TCP_IN
Open /etc/csf/csf.conf
Code:
# Allow incoming TCP ports TCP_IN = "20,21,22,25,53,80,110,30000:35000"
Code:
service csf restart service pureftpd restart (or) service proftpd restart