Skip to main content

Disable Passive Mode in FTP

Vs Nu
I'm using OVH Network firewall in OVH Network firewall I'm unable to open port ranges like 49152:65534 So is there anyway to disable the Passive mode or changing the Port as Single Port (Not as Range) Please advise

Comments

15 comments

Date Votes
  • cPAdminsMichael
    Hi, I wouldn't disable Passive Mode, as that would then probably make 90% of the clients unable to connect ;) I don't know the OVH Network Firewall - but you could manually set a Passive Port range in PureFTP:
    0
  • Vs Nu
    Hi, I wouldn't disable Passive Mode, as that would then probably make 90% of the clients unable to connect ;) I don't know the OVH Network Firewall - but you could manually set a Passive Port range in PureFTP:
    0
  • cPAdminsMichael
    Yeah, a quick google search actually confirms that OVH Network Firewall does NOT support port ranges... that's odd. If I were you, I would deactivate it and install CSF on the server - you have the same possibilities and features in CSF + much more.
    0
  • Vs Nu
    I had used CSF Before but due to attack Im using the OVH Firewall from past 24 hours
    0
  • cPAdminsMichael
    Ok, but what kind of attack did CSF not prevent you from? I think it's just about configuring CSF in a proper way ;)
    0
  • Vs Nu
    Attack on Port 80 and 443
    0
  • cPAdminsMichael
    Ok - I don't know what type of attack, but if it's a DOS attack, you may want to look into the Port Flood Protection features in CSF
    0
  • Vs Nu
    I had configured the Port Flood too ! But it does not help
    0
  • cPAdminsMichael
    Hmmm ok - but it must be some fine tuning, as there is nothing OVH Firewall can do that CSF cannot. Anyway - take a look at customizing the passive ports in the above link, that might help you on the way :)
    0
  • Vs Nu
    Is it possible to use Single Port instead of Range ?
    0
  • cPAdminsMichael
    I wouldn't limit the Passive ports to a single port as that will also limit the number of connected FTP clients. Instead, you could limit the range to fx 50 ports (3000:3049) and then create 50 rules in OVH Firewall
    0
  • Vs Nu
    I understand but in OVH Firewall we can able to create only 19 rules :(
    0
  • cPAdminsMichael
    Hm ok - but then you could limit it to 10 ports. I.e. 3000:3009. BUT... I would strongly recommend solving this in another way. Like having one of the System Administration experts having a look at hove to solve your DOS attack.
    0
  • cPanelLauren
    It seems pretty odd that OVH would include the passive port ranges for FTP in their firewall as well. This would severely limit the ability to access FTP for all of the users that utilize the service. Further to that adding every single port in the passive range would be unrealistic.
    0
  • Vs Nu
    It seems pretty odd that OVH would include the passive port ranges for FTP in their firewall as well. This would severely limit the ability to access FTP for all of the users that utilize the service. Further to that adding every single port in the passive range would be unrealistic.

    Let me contact OVH if there is any possibility
    0

Please sign in to leave a comment.

Didn't find what you were looking for?

New post