# FTP Troubleshooting ==================================================================================== #### FTP Passive Mode Passive ports are used to allow multiple FTP connections by moving open FTP connections from port 21 to a port specified in the passive port range (40,000-40,100 is the standard ANS passive port range ). If your FTP client is using passive mode, you'll usually see an output similar to the below. We can use this to calculate the port being used for passive mode (which we can then check for any restrictions on). `80,244,185,220,156,149 ` First 4 numbers are the server IP, Multiply 5th number by 256 = x X+6th number = passive port which is being used 156x256=39936+149=40085 ------------------------------------------------------------------------------------------------------------------------------------------------ #### SFTP SFTP, which stands for Secure File Transfer Protocol, is a network protocol that provides file access, file transfer, and file management functionalities over any reliable data stream. Unlike FTP (File Transfer Protocol), which is often used with FTP over SSL/TLS (FTPS) for security, SFTP inherently provides secure file transfer through the SSH (Secure Shell) protocol. The primary cPanel/Plesk user can use SFTP if enabled. ==================================================================================== ### FTP Troubleshooting ------------------------------------------------------------------------------------------------------------------------------------------------ ##### cPanel Identify which FTP server is running ``` lsof -i:21 ``` For Pure-FTPd: ``` /var/cpanel/conf/pureftpd/local ``` For ProFTPD: ``` /var/cpanel/conf/proftpd/local ``` Add this line to set which ports your server should use. ``` PassivePortRange: 40000 40100 ``` If your server is behind a firewall and you are seeing unroutable address errors, add the following line, replacing `123.123.123.123` with your server’s public IP: ``` ForcePassiveIP: IP_IP_IP_IP ``` Restart `Pure-FTPd` by running: ``` /usr/local/cpanel/scripts/setupftpserver pure-ftpd --force ``` Allow inbound connections on the passive port range. ------------------------------------------------------------------------------------------------------------------------------------------------ ##### Plesk Plesk also uses the ProFTPD server, but the configuration is slightly different. **Plesk Onyx:** Edit/create the file `/etc/proftpd.d/55-passive-ports.conf` Add the following configuration this file: ``` PassivePorts 40000 40100 ``` Restart the FTP service to pick up the changes: ``` systemctl restart xinetd ``` On your firewall, allow inbound connections on the passive port range. If your server is behind a firewall and you are seeing unroutable address errors, add the following line, replacing `123.123.123.123` with your server’s public IP: ``` MasqueradeAddress IP_IP_IP_IP ``` ------------------------------------------------------------------------------------------------------------------------------------------------