SOLVED FTP Stuck at Retrieving Directory Listing

Kieko89

Member
May 14, 2017
7
2
3
USA
cPanel Access Level
Root Administrator
Hi, I'm having a hard time connecting via FTP and get the below output when using filza to connect (replaced service IP with ServerIP):
Code:
Status:      Resolving address of ftp.example.us

Status:      Connecting to ServerIP:21...

Status:      Connection established, waiting for welcome message...

Status:      Initializing TLS...

Status:      Verifying certificate...

Status:      TLS connection established.

Status:      Server does not support non-ASCII characters.

Status:      Logged in

Status:      Retrieving directory listing...
Command: PWD

Response: 257 "/" is the current directory

Command: TYPE I

Response: 200 Type set to I

Command: PASV

Response: 227 Entering Passive Mode (52,43,53,41,246,249).

Command: MLSD

Error:        The data connection could not be established: ETIMEDOUT - Connection attempt timed out

Error:        Connection timed out after 50 seconds of inactivity

Error:        Failed to retrieve directory listing
Here is the output of the /etc/proftpd.conf file:

Code:
# This is a basic ProFTPD configuration file (rename it to

# 'proftpd.conf' for actual use.  It establishes a single server

# and a single anonymous login.  It assumes that you have a user/group

# "nobody" and "ftp" for normal operation and anon.


ServerName                      "ProFTPD"

AuthUserFile /etc/proftpd/passwd.vhosts

ServerType                      standalone

DeferWelcome                    off

DefaultServer                   on

DefaultRoot ~ !wheel


# Port 21 is the standard FTP port.

IdentLookups off

UseReverseDNS off

TransferLog /etc/apache2/logs/domlogs/ftpxferlog

AuthPAM off

<IfModule mod_tls.c>

    TLSEngine on
DefaultRoot ~ !wheel


# Port 21 is the standard FTP port.

IdentLookups off

UseReverseDNS off

TransferLog /etc/apache2/logs/domlogs/ftpxferlog

AuthPAM off

<IfModule mod_tls.c>

    TLSEngine on

    TLSRequired on

    TLSRSACertificateFile /etc/ftpd-rsa.pem

    TLSRSACertificateKeyFile /etc/ftpd-rsa-key.pem

    TLSVerifyClient off

    TLSCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:EC$

    TLSOptions NoSessionReuseRequired

    TLSProtocol TLSv1 TLSv1.1 TLSv1.2

</IfModule>

Port                            21

# Umask 022 is a good standard umask to prevent new dirs and files
Umask                           022


# Set the user and group that the server normally runs at.

User                            nobody

Group proftpd


# Normally, we want files to be overwriteable.

<Directory />

  AllowOverwrite                on
</Directory>


# A basic anonymous configuration, no upload directories.

<Anonymous ~ftp>

UseFtpUsers on

RequireValidShell off


  User                          ftp

  Group proftpd

  # We want clients to be able to login with "anonymous" as well as "ftp"
 UserAlias                     anonymous ftp


  <Limit LOGIN>

    DenyAll

  </Limit>

  # Limit the maximum number of anonymous logins

  MaxClients                    10


  # We want 'welcome.msg' displayed at login, and '.message' displayed

  # in each newly chdired directory.
DisplayLogin                  welcome.msg

  DisplayChdir          .message true


  # Limit WRITE everywhere in the anonymous chroot

  <Limit WRITE>

    DenyAll

  </Limit>


</Anonymous>

MasqueradeAddress website.com

MasqueradeAddress ServerIP

ShowSymlinks on

MaxInstances none

TimeoutIdle 600

TCPAccessFiles /etc/hosts.allow /etc/hosts.deny

TCPServiceName ftp

PassivePorts 49152 65534

FactsOptions UseSlink

Can anyone lead me to the right direction? I have followed the following configuration documentation without any luck:
ProFTPD Configuration for Host Access Control - cPanel Knowledge Base - cPanel Documentation

I'm running the server on AWS EC2 instance, please do let me know if I need to open ports in AWS Security Group.

Thanks
 
Last edited by a moderator:

Kieko89

Member
May 14, 2017
7
2
3
USA
cPanel Access Level
Root Administrator
Hello, I have resolved the issue by adding a custom TCP rule in EC2 Security Groups to allow connections via ports: 49152-65534. Then had attempted to connect via FTP and was able to first try.

Thanks and I hope someone will find this information useful.

Have a great day!
 
  • Like
Reactions: Infopro

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,909
2,228
463
Hello,

I'm glad to see the solution on this thread helped. Thank you for sharing the outcome.