MQ-Jr
MQ-Jr
unixcop Admin

How to set PassivePortRange and PassiveIP in pure-ftpd on Ubuntu to secure the app!

Introduction

Hi guys, We will talk about setting PassivePortRange and PassiveIP in pure-ftpd.

If you run a firewall on your Linux server and want to use passive FTP connections, you have to define the passive port range in pure-ftpd .

The following example is for pure-ftpd on Ubuntu and ISPConfig 3.

Follow this steps to Set Passive Port Range in PureFTPD

Set PassivePortRange and PassiveIP in pure-ftpd on Ubuntu

  •  Configure pure-ftpd
echo "40110 40210" > /etc/pure-ftpd/conf/PassivePortRange
  • Then Restart pure-ftpd-mysql
service pure-ftpd-mysql restart
  • Configure the firewall. If you use ISPConfig 3 on your server to configure the Bastille firewall, you can add the necessary port range in the ISPConfig firewall settings, So change the list of Open TCP ports like that:
20,21,22,25,53,80,110,143,443,3306,8080,10000

TO

20,21,22,25,53,80,110,143,443,3306,8080,10000,40110:40210
  • Then save and quit

Set Passive IP in PureFTPD

Setting a passive IP in FTP might be necessary when your server is located behind a NAT router. You will get an error like “Error: Server returned unroutable private IP address in PASV reply” from your FTP client in such a case.

  • To set a passive IP address, run this command:
echo "1.2.3.4" > /etc/pure-ftpd/conf/ForcePassiveIP
  • Replace 1.2.3.4 with the External IP address that clients shall use to connect to the FTP server.
  • Then restart pureFTPD:
service pure-ftpd-mysql restart

Conclusion

That’s it

We illustrated how to set PassivePortRange and PassiveIP in pure-ftpd on Ubuntu.

Thanks

app website

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest articles

Join us on Facebook