Enable FTP Passive port range

What is Active FTP

1. A user connects from a random port on a file transfer client to port 21 on the server. It sends the PORT command, specifying what client-side port the server should connect to. This port will be used later on for the data channel and is different from the port used in this step for the command channel.

2. The server connects from port 20 to the client port designated for the data channel. Once connection is established, file transfers are then made through these client and server ports.


What is Passive FTP

1. The client connects from a random port to port 21 on the server and issues the PASV command. The server replies, indicating which (random) port it has opened for data transfer.

2. The client connects from another random port to the random port specified in the server’s response. Once connection is established, data transfers are made through these client and server ports.


Enable the passive port range for Pure-FTPd

vi /etc/pure-ftpd.conf configuration file

enable the passive port range

PassivePortRange 30000 50000

Save the pure-ftpd.conf file and restart FTP service.

/etc/init.d/pure-ftpd restart

Enable the passive port range for ProFTPd

vi /etc/proftpd.conf

add the following settings.

PassivePorts 30000 50000

Save the file and restart proftpd service.

You should enable passive port range into the server firewall.

CSF Firewall

vi /etc/csf/csf.conf

add port range 30000:50000



TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995,2077,2078,2082,2083,2086,2087,2095,2096,30000:50000" TCP_OUT = "20,21,22,25,37,43,53,80,110,113,443,587,873,2087,2089,2703,30000:50000"

No need to update in iptables if you have installed CSF firewall.


iptables -I INPUT -p tcp --dport 49152:65534 -j ACCEPT
  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

cPanel & WHM Version 74 Now in STABLE

cPanel has released cPanel & WHM Version 74 to the STABLE tier. It includes updates for some...

Installing cpanel on google cloud

Create a new CentOS 7 instance on your google cloud engine. From the cPanel & WHM System...

Install Free SSL Let’s Encrypt plugin in cPanel

Let’s Encrypt is a trusted, open source certificate authority that offers free SSL certificates...

Replace MySQL with Percona in cPanel Server

Percona Server is an enhanced drop-in replacement for MySQL. If you are a web hosting service...

Install nginx as a reverse proxy cPanel plugin

Install Nginx on your cPanel/WHM server using the Engintron cPanel Plugin as a reverse proxy. It...

Powered by WHMCompleteSolution