Pure-FTP
Apr 3, 2009I have install WHM and also installed CSF. how to block or denied a user to access ftp.
View 4 RepliesI have install WHM and also installed CSF. how to block or denied a user to access ftp.
View 4 RepliesI am not 100% sure if i am going to be able to describe the problem, but i hope someone will get an idea what i am talking about.
I have pure-ftpd installed on my server.
In one of the folders in my public_html i have more then 10 000 files.
When i ftp to my username using FlashFXP i am unable to list more then 1998 files.
Does it have to do anything with passive ports range or?
what port range should i use, and how should i enter it in /etc/sysconfig/iptables.
i tried everything i know and reinstalled my vps more than 5 times for the last 24hrs but i'm out of luck. Pure-ftpd would not start what ever i do.
Also lxadmin installation gives me the following error:
Downloading Installappdata
pure-ftpd: unrecognized service
unlink: cannot unlink `/usr/bin/lxsuexec': No such file or directory
unlink: cannot unlink `/usr/bin/lxexec': No such file or directory
mv: cannot stat `/sbin/udevd': No such file or directory
rm: cannot remove `/dev/pts/0': Operation not permitted
I've run a pure-ftpd-server privetley and haven't bothered to chroot the enviroment since I only used it myself when I needed files remotley. Now on request of my school and work buddies I've started hosting a website which they are to manage and through my ftp-server add / remove the site's different files.
I know how to start it with chrooted enviroment but everytime I reboot it, which I usually don't need to anyway, it starts unchrooted so I manually have to kill the ftp-daemon and start it with my customised parameters.
Is there a way to change the init.d/pure-ftpd-conf or something to start with my customised options? i.e with the chroot-option turned on.
I am just in the process of finish off setting up my first cPanel server but I am having the follow problems when connecting to FTP:
Response:220---------- Welcome to Pure-FTPd [TLS] ----------
Response:220-You are user number 1 of 50 allowed.
Response:220-Local time is now 17:20. Server port: 21.
Response:220-IPv6 connections are also welcome on this server.
Response:220 You will be disconnected after 15 minutes of inactivity.
Command:USER xxxx
Response:331 User ehuk OK. Password required
Command:PASS ***********
Response:230-User ehuk has group access to: ehuk
Response:230 OK. Current restricted directory is /
Command:SYST
Response:215 UNIX Type: L8
Command:FEAT
Response:211-Extensions supported:
Response: EPRT
Response: IDLE
Response: MDTM
Response: SIZE
Response: REST STREAM
Response: MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*;
Response: MLSD
Response: ESTP
Response: PASV
Response: EPSV
Response: SPSV
Response: ESTA
Response: AUTH TLS
Response: PBSZ
Response: PROT
Response:211 End.
Status:Connected
Status:Retrieving directory listing...
Command:PWD
Response:257 "/" is your current location
Command:TYPE I
Response:200 TYPE is now 8-bit binary
Command:PASV
Response:227 Entering Passive Mode (10,21,103,3,255,61)
Status:Server sent passive reply with unroutable address. Using server address instead.
Command:LIST
Error:Connection timed out
Error:Failed to retrieve directory listing
The server is behind a firewall, I can connect to the FTP via VPN but I cant connect via the remote IP, any ideas?
I know cPanel is designed for NAT but I have worked around this, the FTP is the only issue,
I have pure-ftp server.
I have checked some ftp failure login attempt made but when i check log file but only see real ip address which is external ip address but i want to trace main ip so anyone tell me howto trace that ip address.
I have too many connection from 202.96.5.29 through pure-ftpd:
PHP Code:
Sep 3 00:27:24 server pure-ftpd: (?@202.96.5.29) [INFO] New connection from 202.96.5.29Sep 3 00:27:25 server pure-ftpd: (?@202.96.5.29) [WARNING] Authentication failed for user [oracle]Sep 3 00:27:29 server pure-ftpd: (?@202.96.5.29) [WARNING] Authentication failed for user [oracle]Sep 3 00:27:31 server pure-ftpd: (?@202.96.5.29) [WARNING] Authentication failed for user [Administrator]Sep 3 00:27:39 server pure-ftpd: (?@202.96.5.29) [WARNING] Authentication failed for user [oracle]Sep 3 00:27:49 server pure-ftpd: (?@202.96.5.29) [WARNING] Authentication failed for user [oracle]Sep 3 00:27:49 server pure-ftpd: (?@202.96.5.29) [ERROR] Too many authentication failuresSep 3 00:27:49 server pure-ftpd: (?@202.96.5.29) [INFO] New connection from 202.96.5.29
I block this ip (202.96.5.29 ) with:
PHP Code:
/sbin/iptables -I INPUT -s 202.96.5.29 -j DROProute add 202.96.5.29 reject
but is not blocked always I have same too many connection?
how can I force block this Ip?
/var/log/messages is full of messages like this every 5 minutes:
[INFO] New connection from 209.85.4.32
pure-ftpd: (?@209.85.4.32) [INFO] Logout
is there any way to stop it?
When I look around almost all offers are webhosting as
Dedicated or Managed servers with PHP, MxySQL and so on.
What I need is (big) pure backup space which must be at least
accessible by (reliable and pretty fast but not absolute ultar-high-speed) ftp server (which supports resuming of ftp-sessions).
Needed space: 200 GB
Traffic per month: 200-500 GB (can be at night)
(only) Nice to have (but not absolutely required):
- TLS/SSL Encryption for ftp
- 2-5 more ftp accounts (sharing the same space)
- crontab and perl scripts
- WebDav
Is there a way to disable the temporary filename, for instance when I upload a file via ftp, the filename becomes .pureftp-24213421423. It returns back to the original filename when you abord the transfer or when it's completed.
View 2 Replies View RelatedI had what I thought was a fairly smooth install via yum of Pure-FTP on a Fedora 7 SELinux server. I configured it to use it's own PureDB virtual user system, and I added a few users using # pure-pw useradd to test things out. However, upon successfully logging in...
[21:51:34] USER test1
[21:51:34] 331 User test1 OK. Password required
[21:51:34] PASS (hidden)
[21:51:34] Cannot login waiting to retry (30s)...
[21:51:34] Server closed connection...so, I check /var/log/messages to find...
Jul 31 21:50:25 homeserve pure-ftpd: (?@192.168.0.134) [INFO] New connection from 192.168.0.134
Jul 31 21:50:25 homeserve pure-ftpd: (?@192.168.0.134) [ERROR] Home directory not available - aborting
Clearly, something is awry. When I created the users, I explicitly specified their home directory using pure-pw's -d flag, and I can confirm that it was entered correctly by viewing the /etc/pure-ftpd/pureftpd.passwd. The directories, of course, do exist with the proper permissions and ownership.
I have a slight problem with one user trying to upload with FTP to the server. The problem is, if he is uploading a file that will take awhile... his FTP connection will be dropped if he visits his site during the transfer.
Me and a few others have tried duplicating the problem with no success. Our uploads do not get stopped. Anyhow, I took a guess that maybe it was a problem with APF our software based firewall. I turned it off for a few minutes, and then the users problems dissappeared.
I turned on full logging in APF, and had the user try yet again. Here is the output:
PHP Code:
Mar 3 17:23:22 boundless kernel: ** OUT_TCP DROP ** IN= OUT=eth0 SRC=69.65.12.230 DST=69.149.62.111 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=21 DPT=61682 WINDOW=0 RES=0x00 RST URGP=0
Mar 3 17:23:32 boundless kernel: ** IN_TCP DROP ** IN=eth0 OUT= MAC=00:e0:81:44:f0:a2:00:d0:03:c2:a8:00:08:00 SRC=69.149.62.111 DST=69.65.12.230 LEN=1492 TOS=0x00 PREC=0x00 TTL=116 ID=64493 DF PROTO=TCP SPT=61684 DPT=23301 WINDOW=65535 RES=0x00 ACK URGP=0
Mar 3 17:23:32 boundless kernel: ** OUT_TCP DROP ** IN= OUT=eth0 SRC=69.65.12.230 DST=69.149.62.111 LEN=40 TOS=0x08 PREC=0x00 TTL=64 ID=65164 DF PROTO=TCP SPT=23301 DPT=61684 WINDOW=32767 RES=0x00 ACK URGP=0
Mar 3 17:23:32 boundless kernel: ** IN_TCP DROP ** IN=eth0 OUT= MAC=00:e0:81:44:f0:a2:00:d0:03:c2:a8:00:08:00 SRC=69.149.62.111 DST=69.65.12.230 LEN=1492 TOS=0x00 PREC=0x00 TTL=116 ID=64496 DF PROTO=TCP SPT=61684 DPT=23301 WINDOW=65535 RES=0x00 ACK PSH URGP=0
Mar 3 17:23:32 boundless kernel: ** IN_TCP DROP ** IN=eth0 OUT= MAC=00:e0:81:44:f0:a2:00:d0:03:c2:a8:00:08:00 SRC=69.149.62.111 DST=69.65.12.230 LEN=1492 TOS=0x00 PREC=0x00 TTL=116 ID=64497 DF PROTO=TCP SPT=61684 DPT=23301 WINDOW=65535 RES=0x00 ACK URGP=0
Mar 3 17:23:32 boundless kernel: ** IN_TCP DROP ** IN=eth0 OUT= MAC=00:e0:81:44:f0:a2:00:d0:03:c2:a8:00:08:00 SRC=69.149.62.111 DST=69.65.12.230 LEN=1492 TOS=0x00 PREC=0x00 TTL=116 ID=64499 DF PROTO=TCP SPT=61684 DPT=23301 WINDOW=65535 RES=0x00 ACK URGP=0
Mar 3 17:23:32 boundless kernel: ** IN_TCP DROP ** IN=eth0 OUT= MAC=00:e0:81:44:f0:a2:00:d0:03:c2:a8:00:08:00 SRC=69.149.62.111 DST=69.65.12.230 LEN=1492 TOS=0x00 PREC=0x00 TTL=116 ID=64500 DF PROTO=TCP SPT=61684 DPT=23301 WINDOW=65535 RES=0x00 ACK PSH URGP=0
Mar 3 17:23:33 boundless kernel: ** OUT_TCP DROP ** IN= OUT=eth0 SRC=69.65.12.230 DST=69.149.62.111 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=21 DPT=61682 WINDOW=0 RES=0x00 RST URGP=0
Mar 3 17:23:34 boundless kernel: ** OUT_TCP DROP ** IN= OUT=eth0 SRC=69.65.12.230 DST=69.149.62.111 LEN=40 TOS=0x08 PREC=0x00 TTL=64 ID=65166 DF PROTO=TCP SPT=23301 DPT=61684 WINDOW=32767 RES=0x00 ACK URGP=0
Mar 3 17:23:39 boundless kernel: ** OUT_TCP DROP ** IN= OUT=eth0 SRC=69.65.12.230 DST=69.149.62.111 LEN=40 TOS=0x08 PREC=0x00 TTL=64 ID=65168 DF PROTO=TCP SPT=23301 DPT=61684 WINDOW=32767 RES=0x00 ACK URGP=0
Mar 3 17:23:44 boundless kernel: ** OUT_TCP DROP ** IN= OUT=eth0 SRC=69.65.12.230 DST=69.149.62.111 LEN=40 TOS=0x08 PREC=0x00 TTL=64 ID=65170 DF PROTO=TCP SPT=23301 DPT=61684 WINDOW=32767 RES=0x00 ACK FIN URGP=0
Mar 3 17:23:44 boundless pure-ftpd: (lf4worl@69.149.62.111) [INFO] Timeout (no new data for 900 seconds)
The 17:23:44listings is the exact time he visited his site during the upload. The weird part is the Timeout message at that same exact time. No new data for 900 seconds...
Anyhow, I don't really want to post the full apf.conf if I don't have to... So can anyone take a guess at what APF rule might be causing the problem?
Also, why would it only be affecting 1 client when all the rest can visit their site while uploading?
I've been running pure-ftpd for around 4 months now without any problems, until around 24-48 hours ago file upload has been going a bit loopy.
When you upload a file the speed bounces considerably, and at times pauses on 0kbps until it then dies and fails the upload. 9/10 uploads I have tried have failed.
[R] Opening data connection IP: 74.86.20.181 PORT: 35283
[R] LIST -al
[R] 150 Accepted data connection
[R] 226-Options: -a -l
[R] 226 6 matches total
[R] List Complete: 374 bytes in 0.64 seconds (0.6 KB/s)
Transfer queue completed
1 File failed to transfer
[R] Connection lost: chacha
We have restarted pure-ftpd a number of times, but have had no luck.
Please could you try and upload a file (at least 10mb and please nothing dodgey) to this FTP account:
address: chacha.99k.org
user: chacha@99k.org
pass: password
And output the result.
Does anyone here have experience with pure-ftpd and would possibly consider giving my system a "once over"?
Timezone on server is set to GMT -5 EDT
My timezone is GMT -5 EDT
Yet filezilla 3.x ftp client connected to my server's pure-ftpd server offsets time on transferred files by an hour, saying now at 8:52 that the file was uploaded to the server at 9:52.
WHM and uptime, etc. at the SSH prompt show server time correct, matching my own time.
But connecting via filezilla 3 I get:
Status: Calculating timezone offset of server...
Command:MDTM .htaccess
Response:213 20080208013750
Status:Timezone offsets: Server: -18000 seconds. Local: -14400 seconds. Difference: 3600 seconds.
Status: Directory listing successful
If I connect locally to pure-ftp via the server shell ftp, I get
Connected to localhost.
220---------- Welcome to Pure-FTPd [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 20:52. Server port: 21.
which matches
$ uptime
20:52:28
The filezilla forums however indicate the problem is due to some "non-standards compliant setup" of my ftp server.
[url]
Quote:
As required in RFC 3659 [url]FileZilla assumed MDTM returns timestamps in UTC. Based on the timestamp return in the LIST reply and the corresponding MDTM reply, it calculates the timezone offset of the server.
Obviously this fails on broken or misconfigured servers.
I can assure you that it works fine on all standards-compliant servers.
Is there something I can tweak with pure-ftpd, or is this a Filezilla 3 bug?
if you can share a 100MB download link that I can use to test cogent's speed to my network. Hopefully plugged into a 100MBPS port at the switch to see if it will max out or not.
View 6 Replies View RelatedToday I tried to setup pure-ftpd server on slackware linux and managed to do that I also enabled virtual users feature, but when I log in to ftp as virtual user I cannot create any dirs or change dirs.
My question is - how do I enable for virtual user: deleting, changing, renaming, creating files, dirs in his home ftp directory?
Simultaneous FTP User Question - Cpanel/WHM/Pure-FTP, Dual Xeon 2.4, 1gRAM, Dedicated
Does the following dedicated server spec throw any flags for you when considering our intended future use?
DEDICATED SERVER SPEC
Dual Xeon 2.40 ghz.
1 gig RAM
INTENDED FUTURE USE
- We currently host 300 low volume websites on the server.
- We only use 40 gigs of data bandwidth per month. (1000 allotted)
- We developed a new software product that allows auto-updates 300kb of data each day.
- We expect up to 500 people to use this software and need to access our FTP daily, at different times of the day (random).
- We plan to embed the FTP information into the software.
The FTP access will be transparent to the user.
Does our dedicated server sound like it could handle this? My guess is yes.
I have ftp server (pure-ftp). with firewall.
i allowed 20 and 21 port in "CSF" firewall
now when i or our client connect to the server connection done.
and the they fire dir or ls command they will receive error
"425 Could not open data connection to port 2535: Connection timed out"
what is the problem.i have already allowed passive port 2500:3500 then why i received this types of error
I have cPanel running on a server which was working until it magically stopped allowing FTP logins via Pure-FTPD. It won't even allow Pure-FTPD to be started up. It gives the following error:
Starting pure-config.pl: Running: /usr/local/sbin/pure-ftpd -O clf:/var/log/xferlog --daemonize -A -c50 -B -C8 -D -E -fftp -H -I15 -lextauth
:/var/run/ftpd.sock -L2000:8 -m4 -s -U133:022 -u100 -Oxferlog:/usr/local/apache/domlogs/ftpxferlog -k99 -Z -Y1
/usr/local/sbin/pure-ftpd: invalid option -- O
421 Unknown authentication method: extauth:/var/run/ftpd.sock
[FAILED]
I've tried upgrading cPanel, downgrading cPanel, forcing a reinstall, swapping to Pro-FTPD (doesn't allow login either) and back, but nothing seems to repair it.
Does anyone else have any ideas or experienced a similar issue?