While the following article relates to our Cloud VMs, the principle applies to any server e.g. Dedicated, and as such if the passive FTP ports are blocked, it will not be possible to create a passive FTP connection.
It is not possible to use FTP in Passive mode - and by extension explicit FTP over TLS, where the passive ports are being blocked on the server via:
- The Cloud Firewall:
- Where the Default Firewall Rule is set to Drop.
- The firewall on the Virtual Machine:
- Where present and active, and set to Drop by default.
To allow passive FTP connectivity, you will need to allow for one (or more) of these options:
- Enter your own IP address, with an Allow rule - for all ports:
- However it is not always practical to add the IP address, where users from various locations need to access FTP.
- There is a sample configuration for this method below.
- Note: This rule must be at the top of the firewall rules list.
- This perhaps is the better solution, as it ensures that you are still locking the server down while allowing passive FTP access to the server.
- The following articles apply to control panels in use on our servers:
Sample Configuration (for Item 1):
- Rule #: eth0
- Source Address: 188.8.131.52/32
- The /32 indicates a single IP address.
- You can use a network range also, where applicable.
- Destination Port: Left Blank
- The reason it is left blank, is to allow all ports for the rule you are creating.
- Protocol: TCP
The following article will assist in configuring the Cloud Firewall for the Cloud VM:
Alternative To Amending Firewall/Passive Configuration
If you do not wish to amend the configuration for your firewall and/or FTP service, the alternative would be to create an FTP connection to the server with the following properties:
- Connection Type:
- Plain FTP.
- No Encryption.
- Connection Mode:
If you have any queries on this, please contact our Support team - see the following for our contact details: