2K

Sometimes administrators may encounter an FTP connection issue where login works through the console, but FTP clients such as FileZilla fail to connect properly.

Issue

You can successfully connect to the FTP server using the command line, but when connecting through an FTP client like FileZilla:

• The connection hangs at the MLSD command
• Directory listing fails
• Connection eventually times out

Cause

This issue usually occurs when the FTP server operates in Passive Mode.

In passive mode:

• The FTP client connects to port 21 for authentication.
• The server then opens a random high port (typically above 30000) for data transfer.
• If these passive ports are blocked by the firewall, directory listing and file transfers will fail.

Solution

Step 1: Login to the FTP Server

Access your server via SSH.

Step 2: Configure Passive Port Range

Open the Pure-FTPd configuration file:

vi /etc/pure-ftpd.conf

Locate the following line:

PassivePortRange 30000 35000

• Ensure the line exists.
• Make sure it is not commented out.

Save the file after confirming the configuration.

Step 3: Allow Passive Ports in CSF Firewall

Edit the CSF configuration file:

vi /etc/csf/csf.conf

Find the TCP_IN rule and modify it as follows:

TCP_IN = "20,21,22,25,53,80,110,30000:35000"

This allows incoming connections for FTP passive data ports.

Step 4: Restart CSF Firewall

After saving changes, restart CSF:

csf -r

Result

Once the passive port range is properly configured and allowed in CSF:

• FTP clients like FileZilla will connect successfully.
• MLSD timeout errors will be resolved.
• Directory listing and file transfers will work normally.

If you require help, contact SupportPRO Server Admin