FTP by default is disabled for security reasons on cPanel servers. Once enabled, information can be transmitted insecurely. To force use of SSL/TLS, the configuration file needs to be updated via WHM or the Command-Line.
Procedure
Determine your FTP Server
First, you need to know if you're running Pure-FTPd or Pro-FTPd. To determine this, run the following command:
grep ftpserver /var/cpanel/cpanel.config
You should expect one of the following:
ftpserver=proftpd
ftpserver=pure-ftpd
Pure-FTP
Create the appropriate file if it does not exist.
nano /var/cpanel/conf/pureftpd/local
Add your requested value to this file:
# This option accepts three values:
# 0: disable SSL/TLS encryption layer (default).
# 1: accept both cleartext and encrypted sessions.
# 2: refuse connections that don't use the TLS security mechanism,
# including anonymous sessions.
# Do _not_ uncomment this blindly. Double check that:
# 1) The server has been compiled with TLS support (--with-tls),
# 2) A valid certificate is in place,
# 3) Only compatible clients will log in.
TLS 2
This value is set to 1 by default. 2 will force SSL connections.
To finalize your changes:
/scripts/setupftpserver pure-ftpd --force
Pro-FTP
Create the appropriate file if it does not exist.
nano /var/cpanel/conf/proftpd/local
Make the appropriate change:
<IfModule mod_tls.c>
TLSRequired on
</IfModule>
To finalize your changes:
/scripts/setupftpserver proftpd --force
Comments
0 comments
Article is closed for comments.