Initial FTP configuration on VPS/Dedicated servers

If you have just purchased a new VPS with cPanel pre-installed, you may find that you are unable to access any of your cPanels via FTP.

After entering the correct login details, your FTP client will log in successfully, however, the connection will time-out during the directory listing:


This is a typical error on a brand-new installation of cPanel, which is caused by a conflict in the configuration of the FTP server and CSF firewall.

The FTP server is configured to use ports between 49152 and 65534 for data transmission. These ports are blocked by default in CSF.

There are two modifications you need to make the FTP connection work properly:

1. Change the PassivePortRange of your Pure-FTPd server from 49152 - 65534 to something smaller, as it is not secure to open such a wide range of ports.
2. Open this smaller range of ports in TCP_IN setting in CSF.

Here is a step-by-step example of such a configuration. We will use port range 30000 - 31000 in our example and use the nano text editor. However, you are free to select any port range and file editor you prefer.

1. Log into your server via SSH as the root user.

2. Open /etc/pure-ftpd.conf in nano using the following command:

nano /etc/pure-ftpd.conf

3. Press [Ctrl] + [W] to switch to the Search mode. A "Search: " prompt should appear at the bottom:


Type in "PassivePortRange" and press Enter.

Delete the "49152 65534" numbers on the line and type in "30000 31000" instead.
Press [Ctrl] + [O] ("File Name to Write: /etc/pure-ftpd.conf" prompt will appear) and then Enter to save the changes.
Press [Ctrl] + [X] to close the editor.

4. Open /etc/csf/csf.conf for editing using:

nano /etc/csf/csf.conf

Press [Ctrl] + [W] to switch to the Search mode.
Type in "TCP_IN" and press Enter.
Depending on the width of your terminal, the "TCP_IN=" line can be too long to fit the screen. In this case, it will be marked with "$" on the right end.


Scroll all the way to the right and add "30000:31000", separating it by a comma as shown on the following screenshot:


Press [Ctrl] + [O] and then Enter to save the changes.
Press [Ctrl] + [X] to close the editor.

5. Restart pure-ftpd server to apply the changes in the configuration file using the command:

service pure-ftpd restart

6. Restart CSF server to apply the changes in its configuration file as well using the command:

csf -r


Now, you should be able to access your server via FTP without any issues.


That's it!

Updated
Viewed
14206 times

Need help? We're always here for you.

notmyip