cPanel FTP Connection issues

Here we have few steps to verify cpanel FTP connection related issues in your server. Most of problems will happen in your IPTABLES or CSF firewall settings. Any way first you should check your FTP is running fine.

Use the following command in your cpanel server to check FTP is listen.

root@server1 [~]# ftp localhost

If the response is as follows, the issue may be related to configuration of your Firewall.

Trying ::1...

Connected to localhost (::1).
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 07:01. Server port: 21.
220-This is a private system - No anonymous login
220 You will be disconnected after 15 minutes of inactivity.
Name (localhost:root):

If you get response like “ftp:connect:Connection refused” it means your FTP service is not running or may be running , but the process has failed. Anyway try to restart your FTP service or check your FTP port 21 is listening.

To verify that pure-ftpd is running and the server is listening on port 21.

root@server1 [~]# service pure-ftpd status
pure-ftpd (pid 1784) is running...

+------+---------+-------+------+-------------------------------------------+
| PID | Login |For/Spd| What | File/IP |
+------+---------+-------+------+-------------------------------------------+
| 1391 | ? | 00:10 | IDLE | |
| '' | '' | '' | '' | -> localhost |
+------+---------+-------+------+-------------------------------------------+

or

root@server1 [~]# lsof -i tcp:21
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
ftp 1390 root 3u IPv6 13784077 0t0 TCP localhost:42432->localhost:ftp (ESTABLISHED)
pure-ftpd 1391 root 4u IPv4 9809 0t0 TCP *:ftp (LISTEN)

Run the FTP localhost command again to verify it.

This is the most common server-side issue with pure-ftpd. If this procedure did not resolve the issue, you can view the log to find other possible reasons for the failure. You can view your server’s error logs by running the following command:

root@server1 [~]# tail -f /var/log/messages | grep pure-ftpd

Firewall Status

Stop your firewall and check FTP whether its working.

service iptables stop

CSF

/etc/init.d/csf stop
If you are using Pure-FTPd, which is the default, you can define the passive-mode port range by editing /etc/pure-ftpd.conf and uncomment the following directive:

Code:
# Port range for passive connections replies. - for fire walling.

# PassivePortRange 30000 50000

Once you have removed the hash mark (#) from the line starting with “PassivePortRange“, restart Pure-FTPd and edit your firewall configuration to allow traffic on the same port range.