The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

proFTP and CURL seem to have stopped working after upgrade to WHM 11.44.0 (build 19)

Discussion in 'General Discussion' started by PhilGlau, Jul 1, 2014.

  1. PhilGlau

    PhilGlau Active Member

    Joined:
    Nov 3, 2010
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    1
    proFTP seems to have stopped working after upgrade to WHM 11.44.0 (build 19)

    We finally upgraded to mysql 5.5

    After then I rebuilt our PHP 5.3.28 build

    Overnight cPanel appears to have upgraded us to WHM 11.44.0 (build 19)

    This morning proFTPD (allowing us to ftp into the server) no longer works for IP-based sites. I can SSH or SFTP into the box, but logging in via plain FTP just times out. For name based sites, I can still log in.

    Not sure where the problems are or how to go about resolving them. For now, it is a requirement that the box stay on PHP 5.3 (as of 5:20 pm the PHP rebuild seems unrelated.)

    Our box is a
    CENTOS 6.5 x86_64 standard

    Also, after the upgrade, I had to turn off eAccelerator 0.9.6 as it was giving me opt-code errors.

    UPDATE: ProFTPd still a problem
     
    #1 PhilGlau, Jul 1, 2014
    Last edited: Jul 1, 2014
  2. PhilGlau

    PhilGlau Active Member

    Joined:
    Nov 3, 2010
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    1
    Further Information regarding the problem with Proftpd:

    From my local machine, I try to ftp into the box. I can get to the point where it asks for the user name, but then it times out before ever asking for the password:


    Code:
    220 ProFTPD 1.3.5rc1 Server (ftp.mysite.com) [::ffff:xx.xx.xx.xx]
    Name (mysite.com:philglau): ftp_user_name
    
    421 Service not available, remote server timed out. Connection closed.
    ftp: Login failed
    
    Normally it should immediately respond with.

    Code:
    331 Password required for ftp_user_name
    But it never makes it that far.
     
    #2 PhilGlau, Jul 1, 2014
    Last edited: Jul 1, 2014
  3. PhilGlau

    PhilGlau Active Member

    Joined:
    Nov 3, 2010
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    1
    --- Deleted This Update ---
     
    #3 PhilGlau, Jul 1, 2014
    Last edited: Jul 1, 2014
  4. PhilGlau

    PhilGlau Active Member

    Joined:
    Nov 3, 2010
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    1
    Narrowed it down to just our Fixed IP sites. This leads me to believe that something about our old proftpd.conf file is no longer valid after the upgrade.

    I can log into some secondary namebased domains via proFTPd, but when I attempt to log into either of the two IP-based domains, I'm getting the timeout errors. Here's the proftpd.conf file. Any thoughts on what might be wrong with this configuration that would be causing the timeout? (It worked fine for many years until the upgrade to WHM 11.44.0 last night.)

    Code:
    # This is a basic ProFTPD configuration file (rename it to 
    # 'proftpd.conf' for actual use.  It establishes a single server
    # and a single anonymous login.  It assumes that you have a user/group
    # "nobody" and "ftp" for normal operation and anon.
    
    ServerName                      "ProFTPD"
    AuthUserFile /etc/proftpd/passwd.vhosts
    ServerType                      standalone
    DeferWelcome                    off
    DefaultServer                   on
    DefaultRoot ~ !wheel
    
    # Port 21 is the standard FTP port.
    AuthPAM off
    TransferLog /usr/local/apache/domlogs/ftpxferlog
    UseReverseDNS off
    IdentLookups off
    PersistentPasswd on
    
    # Take from http://forums.proftpd.org/smf/index.php?topic=5175.new;topicseen#new
    <Global>
        <IfModule mod_cap.c>
           CapabilitiesSet +CAP_CHOWN
    #      CapabilitiesEngine off
        </IfModule>
      TLSCipherSuite HIGH:MEDIUM:+TLSv1:!SSLv2:+SSLv3
      TLSRequired off
      <Anonymous ~ftp>
        <Limit LOGIN>
          DenyAll
        </Limit>
      </Anonymous>
      TLSOptions NoSessionReuseRequired
      ShowSymlinks on
    </Global>
    
    <IfModule mod_tls.c>
        TLSEngine on
        TLSProtocol SSLv23
        TLSRequired off
        TLSRSACertificateFile /etc/ftpd-rsa.pem
        TLSRSACertificateKeyFile /etc/ftpd-rsa-key.pem
        TLSVerifyClient off
        TLSCipherSuite HIGH:MEDIUM:+TLSv1:!SSLv2:+SSLv3
        TLSOptions NoSessionReuseRequired
    </IfModule>
    Port                            21
    #Port				3736
    # Umask 022 is a good standard umask to prevent new dirs and files
    # from being group and world writable.
    Umask                           0022
    
    # Set the user and group that the server normally runs at.
    User                            nobody
    Group proftpd
    
    # Normally, we want files to be overwriteable.
    <Directory />
      AllowOverwrite                on
    </Directory>
    
    # A basic anonymous configuration, no upload directories.
    <Anonymous ~ftp>
    UseFtpUsers on
    RequireValidShell off
    
      User                          ftp
      Group                         ftp
      # We want clients to be able to login with "anonymous" as well as "ftp"
      UserAlias                     anonymous ftp
    
      <Limit LOGIN>
        DenyAll
      </Limit>
      # Limit the maximum number of anonymous logins
      MaxClients                    10
    
      # We want 'welcome.msg' displayed at login, and '.message' displayed
      # in each newly chdired directory.
      DisplayLogin           welcome.msg
      DisplayChdir          .message true
    
      # Limit WRITE everywhere in the anonymous chroot
      <Limit WRITE>
        DenyAll
      </Limit>
    
    </Anonymous>
    
    ShowSymlinks on
    TimeoutIdle 600
    MaxInstances none
    
    <VirtualHost 174.xxx.xxx.xxx>
      ServerName ftp.fixed_ip_site_one.com
      AuthUserFile /etc/proftpd/ridicul
      MaxClients 10 "Sorry, this ftp server has reached its maximum user count (%m).  Please try again later"
      DirFakeGroup On ftpgroup
      DirFakeUser On ftpuser
      DefaultRoot ~
    
      umask 0006
    
      <IfModule mod_tls.c>
          TLSEngine on
          TLSRequired off
          TLSRSACertificateFile /etc/ftpd-rsa.pem
          TLSRSACertificateKeyFile /etc/ftpd-rsa-key.pem
          TLSVerifyClient off
          TLSCipherSuite HIGH:MEDIUM:+TLSv1:!SSLv2:+SSLv3
         TLSOptions NoSessionReuseRequired
      </IfModule>
    
      <Directory /home/ridicul/public_html/media>
            UserOwner ridicul
            GroupOwner PTclient
      </Directory>
    
      <Directory />
        AllowOverwrite                on
        HideGroup wheel
        HideUser root
      </Directory>
      
      <Anonymous /home/ridicul/public_ftp>
        UseFtpUsers                   on
        RequireValidShell             off
        UseFtpUsers                   on
        RequireValidShell             off
        User                          ftp
        Group                         ftp
        UserAlias                     anonymous ftp
        DisplayLogin                  welcome.msg
        # DisplayChdir                  .message true
        
        <Limit LOGIN>
          DenyAll
        </Limit>
        <Limit WRITE>
          DenyAll
        </Limit>
    
        <Directory incoming>
          <Limit STOR>
            AllowAll
          </Limit>
          <Limit WRITE READ>
            DenyAll
          </Limit>
        </Directory>
      </Anonymous>
      ShowSymlinks on
    </VirtualHost>
    
    
    <VirtualHost 174.xxx.xxx.xxx>
      ServerName ftp.fixed_ip_site_two.com
      DisplayConnect /etc/proftp_extras/pt_welcome.txt 
      AuthUserFile /etc/proftpd/product
      MaxClients 30 "Sorry, this ftp server has reached its maximum user count (%m).  Please try again later"
      DefaultRoot ~
    
      # this is customization below
      AllowFilter "^[^@&%:]*$"
    
      Umask 0006
    
      <IfModule mod_tls.c>
          TLSEngine on
          TLSRequired off
          TLSRSACertificateFile /etc/ftpd-rsa.pem
          TLSRSACertificateKeyFile /etc/ftpd-rsa-key.pem
          TLSVerifyClient off
          TLSCipherSuite HIGH:MEDIUM:+TLSv1:!SSLv2:+SSLv3
          TLSOptions NoSessionReuseRequired
      </IfModule>
    
      <Directory />
        AllowOverwrite                on
        HideGroup wheel
        HideUser root
      </Directory>
    
      # force files uploaded to the client ftp folder to be group 'PTclient' by default
      # this allows PHP scripts to access the files.
      <Directory /home/product/public_html/clientarea/ftp>
            DirFakeGroup On ftpgroup
            DirFakeUser On ftpuser
            UserOwner nobody
            GroupOwner PTclient
      </Directory>
      <Directory /home/product/public_html/clientarea/ftp-temp/archive>
            <Limit SITE_CHMOD>
                    AllowAll
            </Limit>
      </Directory>
    
      <Anonymous /home/product/public_ftp>
        UseFtpUsers                   on
        RequireValidShell             off
        UseFtpUsers                   on
        RequireValidShell             off
        User                          ftp
        Group                         ftp
        UserAlias                     anonymous ftp
        DisplayLogin                  welcome.msg
        # DisplayChdir                  .message true
        
        <Limit LOGIN>
          DenyAll
        </Limit>
        <Limit WRITE>
          DenyAll
        </Limit>
    
        <Directory incoming>
          <Limit STOR>
            AllowAll
          </Limit>
          <Limit WRITE READ>
            DenyAll
          </Limit>
        </Directory>
      </Anonymous>
      ShowSymlinks on
    </VirtualHost>
    
    
    Here's my proftpd -V output:
    Code:
     proftpd -V
    Compile-time Settings:
      Version: 1.3.5rc1 (devel)
      Platform: LINUX [Linux 2.6.32-431.11.2.el6.x86_64 x86_64]
      Built: Mon Oct 7 2013 17:23:12 CDT
      Built With:
        configure  '--host=x86_64-redhat-linux-gnu' '--build=x86_64-redhat-linux-gnu' '--program-prefix=' '--datadir=/usr/share' '--libdir=/usr/lib64' '--libexecdir=/usr/libexec' '--localstatedir=/var' '--sharedstatedir=/var/lib' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc' '--sbindir=/usr/sbin' '--bindir=/usr/bin' '--prefix=/usr' '--exec-prefix=/usr' '--mandir=/usr/man' '--with-includes=/usr/kerberos/include' '--includedir=/usr/include' '--libdir=/usr/lib' '--libexecdir=/usr/libexec/proftpd' '--with-modules=mod_tls:mod_wrap:mod_sftp' '--disable-sendfile' '--enable-openssl' '--with-openssl-dir=/usr' '--enable-shadow' '--enable-dso' 'build_alias=x86_64-redhat-linux-gnu' 'host_alias=x86_64-redhat-linux-gnu' 'CFLAGS=-O2 -g' 'CXXFLAGS=-O2 -g'
    
      CFLAGS: -O2 -g -Wall
      LDFLAGS: -L$(top_srcdir)/lib  
      LIBS:  -lssl -lcrypto -lssl -lcrypto -lcap  -lwrap -lnsl  -lssl  -lpam  -lcrypto -lz -lsupp -lcrypt -ldl 
    
      Files:
        Configuration File:
          /etc/proftpd.conf
        Pid File:
          /var/proftpd.pid
        Scoreboard File:
          /var/proftpd.scoreboard
        Header Directory:
          /usr/include/proftpd
        Shared Module Directory:
          /usr/libexec/proftpd
    
      Features:
        - Autoshadow support
        - Controls support
        + curses support
        - Developer support
        + DSO support
        + IPv6 support
        + Largefile support
        - Lastlog support
        - Memcache support
        + ncurses support
        - NLS support
        + OpenSSL support (FIPS enabled)
        - PCRE support
        - POSIX ACL support
        + Shadow file support
        - Sendfile support
        + Trace support
    
      Tunable Options:
        PR_TUNABLE_BUFFER_SIZE = 1024
        PR_TUNABLE_DEFAULT_RCVBUFSZ = 8192
        PR_TUNABLE_DEFAULT_SNDBUFSZ = 8192
        PR_TUNABLE_GLOBBING_MAX_MATCHES = 100000
        PR_TUNABLE_GLOBBING_MAX_RECURSION = 8
        PR_TUNABLE_HASH_TABLE_SIZE = 40
        PR_TUNABLE_NEW_POOL_SIZE = 512
        PR_TUNABLE_SCOREBOARD_BUFFER_SIZE = 80
        PR_TUNABLE_SCOREBOARD_SCRUB_TIMER = 30
        PR_TUNABLE_SELECT_TIMEOUT = 30
        PR_TUNABLE_TIMEOUTIDENT = 10
        PR_TUNABLE_TIMEOUTIDLE = 600
        PR_TUNABLE_TIMEOUTLINGER = 30
        PR_TUNABLE_TIMEOUTLOGIN = 300
        PR_TUNABLE_TIMEOUTNOXFER = 300
        PR_TUNABLE_TIMEOUTSTALLED = 3600
        PR_TUNABLE_XFER_SCOREBOARD_UPDATES = 10
    
     
    #4 PhilGlau, Jul 1, 2014
    Last edited: Jul 1, 2014
  5. PhilGlau

    PhilGlau Active Member

    Joined:
    Nov 3, 2010
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    1
    Resolution for others who might have same problem:

    Never figured out what was causing the problem, but by switching to 'pure-ftpd' and then back to 'proftpd' in Home »Service Configuration »FTP Server Selection, it seems to have resolved the problem.

    In the end prior to doing the trick above, I was able to confirm that proFTPd worked for all my name-based sites and one of my IP-based sites. Unfortunately it was not working for one other IP-based site which was our most important site. Constantly timing out prior to asking for a password.

    I have no idea why switching between the two made any difference. This seems like the help-desk version of "did you reboot the machine"...

    During the switch I did see that it completely unisntalled the proFTPd RPM, then installed Pure-FTP. Later when I flipped back the opposite direction, it then removed the pure-ftp RPM and then downloaded a new copy of the proftpd RPM. ???

    If anybody knows why this 'solution' would even possibly work, please let me know. I'm extremely curious as to where I failed to look to diagnosis this problem. My guess is there was some folder or setting that got out of wack that the forced installed somehow reset.
     
  6. cPanelNick

    cPanelNick Administrator
    Staff Member

    Joined:
    Mar 9, 2015
    Messages:
    3,426
    Likes Received:
    2
    Trophy Points:
    38
    cPanel Access Level:
    DataCenter Provider
    This would cause the configuration to be rebuilt.

    Would you please open a ticket (please use the link in my signature) with a
    Code:
    diff -u proftpd.conf.old proftpd.conf
    on the configuration so we can give you an idea what the rebuild removed that caused the issue.
     
  7. PhilGlau

    PhilGlau Active Member

    Joined:
    Nov 3, 2010
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    1
    There is no 'proftpd.conf.old' in my /etc folder.

    Code:
    diff -u proftpd.conf.old proftpd.conf
    returns 'file not found'. There is a 'proftpd.conf.rpmsave'

    I'll use diff -u proftpd.conf.rpmsave proftpd.conf instead
     
  8. PhilGlau

    PhilGlau Active Member

    Joined:
    Nov 3, 2010
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    1
    The only major difference I found between the newly generated proftpd.conf and my old one was the inclusion of the following in the new config file:

    Code:
      <IfModule mod_wrap.c>
          TCPServiceName ftp
       </IfModule>
    
     
  9. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    648
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Please include those details in the support ticket, and also post the ticket number here so we can update this thread with the outcome.

    Thank you.
     
  10. PhilGlau

    PhilGlau Active Member

    Joined:
    Nov 3, 2010
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    1
    Ticket ID: 5180875
     
  11. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    648
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    To update, it looks like the particular entry in the proftpd.conf file related to this issue was:

    Code:
    PersistentPasswd on
    This is not a standard entry in the ProFTPd configuration file.

    Thank you.
     
Loading...

Share This Page