Applicable to:
- Plesk for Linux
- Plesk for Windows
Symptoms
-
One of the following error messages appears, when connecting to a server via FTP in active mode:
CONFIG_TEXT: Status: Connecting to 203.0.113.2:21...
Status: Connection attempt failed with "ETIMEDOUT - Connection attempt timed out".
Error: Could not connect to serverOR
CONFIG_TEXT: ftp: connect: Connection timed out
OR
CONFIG_TEXT: ftp: connect: Connection refused
OR
CONFIG_TEXT: 425 Unable to build data connection: Connection timed out
OR
CONFIG_TEXT: 425 Unable to build data connection: Permission denied
OR
CONFIG_TEXT: Error: Connection timed out after 20 seconds of inactivity
OR
CONFIG_TEXT: Timeout detected. (data connection)
Could not retrieve directory listing
Error listing directory '/'OR
CONFIG_TEXT: Error: Cannot establish FTP connection to an SFTP server. Please select proper protocol.
Error: Critical error: Could not connect to server -
It is possible to connect to FTP directly from the server via localhost:
# ftp localhost
Connected to localhost (127.0.0.1).
220 ProFTPD Server (ProFTPD) [127.0.0.1]
Name (localhost:root): ftp_user
331 Password required for ftp_user
Password:
230 User ftp_user logged in
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> -
It is not possible to disable the option Use passive mode at Tools & Settings > Backup Manager > FTP Storage Settings :
PLESK_ERROR: Error: Unable to access to the storage: Transport error: unable to list directory: Curl error: (30) FTP: command PORT failed: Last FTP request: PORT 172,16,185,194,169,76 Last FTP response: 500 Illegal PORT command
Make sure you have entered the correct storage settings. You can check them independently with the command:
curl -v -P - --ssl -k -u user 'ftp://example.com//user/server3//' -
Backups to this FTP server fail with the following error:
CONFIG_TEXT: Error: Unable to access to the storage: Transport error: unable to list directory: Curl error: (7) Couldn't connect to server: Last FTP request: Last FTP response: Make sure you have entered the correct storage settings. You can check them independently with the command: curl -v -P - --ssl -k -u ftp_user 'ftp://203.0.113.2//Backup/'
-
Port 21 is filtered/blocked on the server, with which an FTP connection cannot be established:
# nmap 203.0.113.2 -p 21
PORT STATE SERVICE
21/tcp filtered ftp-data -
TCP port 20, which is used as FTP data port, is filtered/closed by a firewall:
# nmap -Pn 203.0.113.2 -p 20
Starting Nmap 6.47 ( http://nmap.org ) at 2016-05-14 02:41 NOVT
Nmap scan report for 203.0.113.2
Host is up.
PORT STATE SERVICE
20/tcp filtered ftp-data
Cause
FTP data transfer channel cannot be established because TCP ports 21 and/or 20 is/are filtered.
Resolution
Open ports 20 and 21:
-
In Plesk, go to Tools & Settings > Firewall and click Enable.
Note: If Plesk Firewall is not installed, use this installation guide.
-
Next, click Modify Plesk Firewall Rules.
-
Click on the FTP server rule > select Allow > click OK.
-
Now click Add Custom Rule and fill in the fields as shown below. Once done, click OK.
-
Click Apply Changes.
On Windows Server, additionally check Windows Firewall instructions.
-
Connect to a Plesk server via SSH.
-
Install the optional package for managing iptables:
-
for CentOS/RHEL-based distributions:
# apt install -y iptables-persistent
-
for Debian/Ubuntu-based distributions:
# yum install -y iptables-services
# systemctl enable iptables-services
-
-
Allow incoming connections to the ports 20 and 21:
-
for CentOS/RHEL-based distributions:
# iptables -I INPUT 1 -p tcp --dport=20 -j ACCEPT
# iptables -I INPUT 1 -p tcp --dport=21 -j ACCEPT
# service iptables save -
for Debian/Ubuntu-based distributions:
# iptables -I INPUT 1 -p tcp --dport=20 -j ACCEPT
# iptables -I INPUT 1 -p tcp --dport=21 -j ACCEPT
# iptables-save > /etc/iptables/rules.v4
-
-
Connect to a Plesk server via RDP.
-
Open Windows Firewall in Control Panel.
-
In Windows Firewall, click Advanced settings > Inbound Rules.
-
Make sure the following FTP rules are enabled.
If after opening the FTP ports in a server firewall these ports are still blocked, make sure that:
-
There are no other rules that prohibit FTP connection in Plesk at Tools & Settings > Firewall.
-
A third-party firewall, in case it is used, is not blocking the connection to the FTP ports.
-
An intermediary firewall between a Plesk server and the Internet is not filtering the FTP ports. Contact your Internet Service Provider (ISP) for assistance.
Comments
2 comments
cant access my files in the first place...
@M. Meijer Could you please clarify the case?
Please sign in to leave a comment.