Why do I see "Failed to retrieve directory listing" errors during FTP authentication attempts?
FTP uses a data port and a command port to transfer information between a client and a server. During an active mode session, the command port uses port 21 and the data port uses port 20. During a passive mode session, however, the data port does not always use port 20. Instead, a data port range of 49152 through 65534 is utilized by default with passive mode sessions.
Here's an example of the output you will see in your FTP client if one or more of the ports in the passive mode range are blocked by your server's firewall, your hosting provider's firewall, or by a network router's NAT configuration settings:
As you can see in the output above, the FTP server fails to respond to the MLSD command after entering passive mode. Instead, the FTP connection attempt hangs and the connection is terminated after 60 seconds of inactivity.Code:Status: Resolving address of mycpanelserver.tld Status: Connecting to 0.1.2.3:21... Status: Connection established, waiting for welcome message... Status: Initializing TLS... Status: Verifying certificate... Status: TLS connection established. Status: Connected Status: Retrieving directory listing of "/home/cpaccount"... Command: CWD / Response: 250 OK. Current directory is /public_html Command: PWD Response: 257 "/" is your current location Command: TYPE I Response: 200 TYPE is now 8-bit binary Command: PASV Response: 227 Entering Passive Mode (10,20,10,100,256,266) Command: MLSD Error: Connection timed out after 60 seconds of inactivity Error: Failed to retrieve directory listing Status: Disconnected from server
Server Administrators: If you have root access to the server, follow the steps documented on our How To Enable FTP Passive Mode knowledge base article to first verify passive mode is properly configured in your FTP server configuration settings. Then, scroll down to the article's Configure Your Firewall section to learn how to open these ports in your server's firewall.
cPanel users or WHM resellers: If your access is limited to an individual cPanel account, report the FTP connection error to your web hosting provider along with a link to this article to explain the issue.
Tip: Reference our How To Identify Your Hosting Provider knowledge base article if you need help identifying your provider.
Upstream Providers: If you have access to the upstream provider's network or firewall, check to verify the passive mode port range is allowed over the TCP protocol.
Tip: Reference your provider's network and/or firewall documentation for information on how to make firewall changes when using a cloud service provider such as AWS, Google Cloud, or DigitalOcean.
Feel free to click on the Discussion tab to let us know if you have any questions or feedback about the information in this tutorial.
Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!