- Plesk for Linux
Unable to connect to the server via FTP in the passive mode. One of the following error messages can appear when connecting via FTP:
CONFIG_TEXT: 530 Login incorrect.
CONFIG_TEXT: ftp: connect: Connection refused
CONFIG_TEXT: Error: Connection timed out
Error: Failed to retrieve directory listing
CONFIG_TEXT: ftp: connect: Connection timed out
CONFIG_TEXT: 425 Can't open data connection.
CONFIG_TEXT: An error occurred opening that folder on the FTP server. Make sure you have permission to access that folder. The operation timed out
CONFIG_TEXT: Error listing directory '/httpdocs'. Transfer channel can't be opened. Reason: No connection could be made because the target machine actively refused it. Could not retrieve directory listing
CONFIG_TEXT: Connecting data socket to (203.0.113.2) port 39383
Socket error (Connection timed out) - reconnecting
It is not possible to get a directory listing by FTP using Secured TLS: the connection establishes but directory listing does not work. The following errors appear in
CONFIG_TEXT: pam_env(proftpd:setcred): Unable to open config file: /etc/security/pam_env.conf: Permission denied
pam_systemd(proftpd:session): Failed to connect to system bus: Permission denied
pam_listfile(proftpd:auth): Couldn't open /etc/ftpusers
There are the following records in
CONFIG_TEXT: proftpd: fatal: PassivePorts: missing arguments on line 17 of '/etc/proftpd.conf'
Issues with the network configuration.
The passive ports range is not configured in the FTP configuration file.
Passive ports are not opened in a firewall.
Configure passive port range using the article:
If the server is behind the NAT, to set the directive MasqueradeAddress, follow this article:
Enable passive port range using the following article (only step 2):
Go to Plesk > Tools & Settings > Firewall > Modify Plesk Firewall Rules > Add Custom Rule.
Note: if there is no Modify Plesk Firewall Rules and only Enable Firewall Rules Management option is available then the Plesk firewall is switched off. Enable it.
Specify the following:
Match direction: Incoming.
Fill the Add port or port range as it specified in the
/etc/proftpd.conffile, e.g. 49152-65535, and leave the TCP option selected.
Click Add > OK > Apply Changes > Activate:
The port range selected must be in the non-privileged range (e.g., greater than or equal to 1024). It is strongly recommended that the chosen range should be large enough to handle many simultaneous passive connections (e.g., 49152-65535, the IANA-registered ephemeral port range).
The port range should be allowed for incoming connections in the server firewall settings. Contact a server administrator to configure it if required.
For Cloud Solutions refer to the following documentation pages or configure allowed ports for the virtualization instance according to its documentation:
Alternatively, set the mode to active in FTP Client settings.