Passive FTP workaround for Plesk’s proftpd

23 01 2006

Add the following line:
PassivePorts 49152 65534
to /etc/proftpd.conf
NOT /etc/proftpd.include as that file will be overwritten by Plesk regularly.

No need to restart xinetd (/etc/init.d/xinetd restart) as proftpd is executed only when a connection has been attempted on the port.

Add the following line:
/sbin/iptables -A INPUT -p tcp –dport 49152:65534 -j ACCEPT
to /usr/local/psa/var/modules/firewall/firewall-active.sh

That’s all!
Just need to make sure that the last incoming traffic rule is set to deny all.

Valid for Plesk 7.5.

« RMIT Courses [BP162] GNU Privacy Guard (GPG) »


Actions

Informations

4 responses to “Passive FTP workaround for Plesk’s proftpd”

19 06 2007
Interversal Blog » Blog Archive » Useful commands on plesk (00:15:49) :

[...] this site http://blog.nirkabel.org/2006/01/23/passive-ftp-workaround-for-plesks-proftpd/ suggests defining the passive ports and opening them on the firewall as [...]

13 10 2007
Thomas (18:04:52) :

A better way is using the ip_conntrack_ftp kernel module with

/sbin/modprobe ip_conntrack_ftp.

This fixed the passive ftp problem without manual changes of firewallrules under plesk.

25 04 2008
Amed (05:44:54) :

hey thanks, it helped alot

13 05 2008
Russell (07:08:18) :

Make sure if you place the PassivePorts 49152 65534 that you place it between the tags and not just anywhere.

Leave a comment

You can use these tags : <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>