BuycPanel Blog

BuycPanel Blog

Latest news and updates

PureFTP and ProFTPD On NAT-Configured Networks

Posted by Allura on 14 11 2018.

Introduction
There is an issue caused by cPanel and WHM’s implementation of PureFTP and ProFTPd which on the other hand cause an issue on NAT-configured networks on cPanel and WHM version 64 and older than that. So this issue helps in preventing the Passive FTP connections to the other IP addresses there on the server and connections through domains that resolve to other IP addresses.
As a warning it should be kept in mind that this workaround is a temporary fix for the NAT-configured servers available on the cPanel & WHM version 64 and older. One can therefore reconfigure the FTP server, and the ForcePassiveIP or MasqueradeAddress settings to the configuration file will be added again by the system.

Workaround
Steps:
1- One needs to follow the current procedure in the How to Enable FTP Passive Mode document in configuring the Passive FTP on a NAT-configured network.

 	Then one needs to remove the ForcePassiveIP setting…

Introduction

There is an issue caused by cPanel and WHM’s implementation of PureFTP and ProFTPd which on the other hand cause an issue on NAT-configured networks on cPanel and WHM version 64 and older than that. So this issue helps in preventing the Passive FTP connections to the other IP addresses there on the server and connections through domains that resolve to other IP addresses.
As a warning it should be kept in mind that this workaround is a temporary fix for the NAT-configured servers available on the cPanel & WHM version 64 and older. One can therefore reconfigure the FTP server, and the ForcePassiveIP or MasqueradeAddress settings to the configuration file will be added again by the system.

Workaround

Steps:

1- One needs to follow the current procedure in the How to Enable FTP Passive Mode document in configuring the Passive FTP on a NAT-configured network.

  1. Then one needs to remove the ForcePassiveIP setting from the /etc/pure-ftpd.conf file or the MasqueradeAddress settings from the /etc/proftpd.conf file.
  2. Finally, one can restart one’s own FTP server.

One should be able to connect to all FTP-enabled domains on the server along with a Passive FTP session.

It is to note that the NAT configurations are ordinarily associated with securing environments, because of which one is strongly recommended to use our Web Disk feature instead of using FTP for file transfers. Contrary to FTP, Web Disk encrypts usernames and passwords, and also transfers files over secure connections.

Conclusion

This feature helps in preventing passive FTP connections to various other IP addresses on the server and many more. This can be done by following certain technical steps.