SOLVED PureFTP Resets Passive Ports & IP Address

[Henry Aspden]

So I keep going in to change /etc/pure-ftpd.conf and replacing the passive ports and FTP address on lines

PassivePortRange 30000 50000



# Force an IP address in PASV/EPSV/SPSV replies. - for NAT.
# Symbolic host names are also accepted for gateways with dynamic IP
# addresses.

ForcePassiveIP IP.IP.IP.IP(where this is my public IP)

However, every time I update a pureFTP setting through WHM, this resets itself, also whenever the server does an update this resets itself back to the default...

Any thoughts on how to change it so that it will always stick to my ports and IP after every update etc? Clearly the preset data is stored somewhere...

Thanks

 

[cPanelMichael]

Hello,

You will need to follow the instructions documented on the URL below to ensure the changes are preserved:

FTP FAQ - Version 68 Documentation - cPanel Documentation

Thank you.

 

[Henry Aspden]

Hello,

You will need to follow the instructions documented on the URL below to ensure the changes are preserved:

FTP FAQ - Version 68 Documentation - cPanel Documentation

Thank you.

Thanks cPanelMichael that's really helpful !!! I tried searching for this and everyone talks about just updating the pure-ftpd.conf file so I never even thought to check the documentation as I assumed it must not be in there. Thanks so much for your help and sorry for wasting some time here

Regards

Henry

 

[adamreece.webbox]

This still happens today. This range needs to stick due to firewall considerations.

The page linked to no longer exists, how can we get "PassivePortRange" to stick to what we need it to today? This should not be changing without our consent.

 

[cPAdminsMichael]

This still happens today. This range needs to stick due to firewall considerations.

The page linked to no longer exists, how can we get "PassivePortRange" to stick to what we need it to today? This should not be changing without our consent.

Hi, to make changes to your FTP configuration, you need to change the local file as described in the docs:

How to Edit FTP Server Configuration from the Command Line | cPanel & WHM Documentation

This document explains how to manually edit the FTP server's configuration from the command line.

docs.cpanel.net

For passive ports, I recommend simply changing your firewall configuration to open the default ports though.

 

[cPRex]

As noted, it's not recommended to edit the /etc/pure-ftpd.conf file directly, and you should instead use the steps outlined in the docs above.

 

[adamreece.webbox]

Thanks for the advice Michael + Rex, I'll give that a go on all our WHM servers.
To be fair it's not often that the config gets overwritten, and apparently only one of our 100+ clients actually use FTP. (Everyone else appears to use SCP/SFTP/SSHFS.)

What we won't be doing is just allowing the default range through the firewall simply because of the vastness of such a range. 20k ports is rather excessive!

 

[cPRex]

You can limit the port range that pure-ftpd uses through this process, and then just open that range in the firewall. I've had my machine limited to 500 ports for years with no ill effects.