
Firewall problem with ProFTPd

SlimDeluxe

New Pleskian
Hi everyone.

I have enabled the Plesk firewall component on my Plesk 12 / Ubuntu 14.04 machine.

Everything works except FTP. Upon connecting, it fails on the MLSD command.

Code:
Response:    200 Type set to I
Command:    PASV
Response:    227 Entering Passive Mode (x,x,x,x,174,229).
Command:    MLSD
Error:    Connection timed out
Error:    Failed to retrieve directory listing

If I release the "System policy for incoming traffic" to "Allow from everyone" it works. I have tried both secure and standard FTP connections; it does not make a difference.

Here's a screenshot of the rules.
screenshot-from-2015-05-.png


The very same Firewall rules work just fine on my other Plesk 11 / Ubuntu machine.

I guess Plesk is not generating the correct rules. How can I determine which port I should open to make it work?

Regards,
Omer
 
Hi,
following that article, I added a rule with the following:
Allow incoming from all on ports 20/tcp, 990/tcp

Nothing changed, still times out.
 
When using passive FTP, the FTP server will change to another port than the usual 20, 21, etc.

To allow passive connections in ftp you must do 2 things if you use a firewall:

- tell proftpd what ports to use for passive ftp
- open these ports in the firewall

To tell proftpd what ports to use you must add the following to /etc/proftpd.conf

PassivePorts 10000 10250

in the <Global> </Global> part of the configuration. I place mine just above </Global>, but that is up to you.

Then open these ports in the firewall.

What ports you use is up to you but be sure to use enough so there is room for everyone to connect.

Regards
Jan
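
How the port in the 227 reply above relates to PassivePorts, as an added example that is not part of the original posts: the last two numbers of the reply encode the data port as p1*256 + p2, so (x,x,x,x,174,229) is port 44773, and the script checks that port against the range set in the config. The function names, the sample config file and the second reply are constructed for illustration.

```shell
#!/bin/sh
# Added example; the config and the second reply are constructed sample data.

# Data port from a "227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)" reply:
# port = p1*256 + p2. Host octets are ignored (masked as x in the post).
pasv_port() {
    printf '%s\n' "$1" | awk -F'[(),]' '
        /^227 / && NF >= 8 && $(NF-2) ~ /^[0-9]+$/ && $(NF-1) ~ /^[0-9]+$/ &&
        $(NF-2) + 0 <= 255 && $(NF-1) + 0 <= 255 {
            print $(NF-2) * 256 + $(NF-1); ok = 1
        }
        END { exit !ok }'
}

# "low high" from the last PassivePorts directive in a proftpd.conf-style file.
passive_range() {
    awk 'tolower($1) == "passiveports" && NF >= 3 { lo = $2; hi = $3 }
         END { if (lo == "") exit 1; print lo, hi }' "$1"
}

# Report whether the port in reply $1 lies inside the range configured in file $2.
check_pasv() {
    port=$(pasv_port "$1") || { echo "not a 227 reply"; return 2; }
    range=$(passive_range "$2") || {
        echo "port $port: no PassivePorts directive found in $2"
        return 1
    }
    lo=${range% *}; hi=${range#* }
    if [ "$port" -ge "$lo" ] && [ "$port" -le "$hi" ]; then
        echo "port $port: inside PassivePorts $lo-$hi"
    else
        echo "port $port: outside PassivePorts $lo-$hi"
        return 1
    fi
}

conf=$(mktemp)
cat > "$conf" <<'EOF'
<Global>
PassivePorts 10000 10250
</Global>
EOF
# Reply quoted in the first post, then a constructed reply from inside the range.
check_pasv "227 Entering Passive Mode (x,x,x,x,174,229)." "$conf" || true
check_pasv "227 Entering Passive Mode (x,x,x,x,39,26)." "$conf" || true
rm -f "$conf"
```

Running the same check against the replies a client logs after the server has been reconfigured shows whether the PassivePorts setting has taken effect before the firewall policy is tightened again.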
 