- Plesk for Linux
Unable to connect to a Plesk server via FTP in the passive mode. One of the following error messages appears on connection:
PLESK_INFO: 530 Login incorrect.
PLESK_INFO: ftp: connect: Connection refused
PLESK_INFO: Error: Connection timed out
Error: Failed to retrieve directory listing
PLESK_INFO: ftp: connect: Connection timed out
PLESK_INFO: 425 Can't open data connection.
PLESK_INFO: An erro occurred opening that folder on the FTP server. Make sure you have permission to access that folder. The operation timed out
PLESK_INFO: Error listing directory '/httpdocs'. Transfer channel can't be opened. Reason: No connection could be made because the target machine actively refused it. Could not retrieve directory listing
PLESK_INFO: Connecting data socket to (203.0.113.2) port 39383
Socket error (Connection timed out) - reconnecting
It is not possible to get a directory listing by FTP using Secured TLS: the connection establishes but directory listing does not work. The following error messages appear in the logfile /var/log/secure:
CONFIG_TEXT: pam_env(proftpd:setcred): Unable to open config file: /etc/security/pam_env.conf: Permission denied
pam_systemd(proftpd:session): Failed to connect to system bus: Permission denied
pam_listfile(proftpd:auth): Couldn't open /etc/ftpusers
The following records appear in /var/log/syslog:
CONFIG_TEXT: proftpd: fatal: PassivePorts: missing arguments on line 17 of '/etc/proftpd.conf'
- The passive ports range is not configured in the FTP configuration file.
Passive ports are not opened in a firewall.
If the server is behind the NAT, to set the directive MasqueradeAddress, follow this article:
Enable the passive port range using the following article (only step 2):
Install Plesk Firewall in case it is not installed and enable firewall rules management at Tools & Settings > Firewall.
Once Plesk Firewall is installed and enabled, make sure that the FTP server passive ports rule is enabled.
The port range selected must be in the non-privileged range (e.g., greater than or equal to 1024). It is strongly recommended that the chosen range should be large enough to handle many simultaneous passive connections (e.g., 49152-65535, the IANA-registered ephemeral port range).
The port range should be allowed for incoming connections in the server firewall settings. Contact a server administrator to configure it if required.
For Cloud Solutions refer to the following documentation pages or configure allowed ports for the virtualization instance according to its documentation:
Alternatively, set the mode to active in FTP Client settings.