For both PureFTPd and ProFTPd, there should be an easy way within the panel to open the ports for Passive mode and to uncomment out the setting. Same thing for enabling Active mode.
Add Ability to configure passive FTP ports through WHM
Open Discussion
As a server administrator, I would like to be able to set up passive ports through WHM.
According to cPanel documentation, there are two steps necessary to configure this via shell: changing the FTP servers configuration file and setting the internal cPanel variable.
http://documentation.cpanel.net/display/CKB/How+to+Enable+FTP+Passive+Mode
The instructions are good, and with a little thinking one can determine how to update the files as well, but it would be nice to have this configurable in the WHM interface. This will be especially true once FTP configuration can be pushed out using Server Configuration Clustering. :)
I like this idea 
cPanel, WebHost Manager and WHM are registered trademarks of cPanel, L.L.C. for providing its computer software that facilitates the management and configuration of Internet web servers.
This should likely add the iptables rules for you as well.
This is a common error customers see:
Reply: 227 Entering Passive Mode ()
Command: MLSD
Error: Could not establish data connection: No route to host
This should likely add the iptables rules for you as well.
This is a common error customers see:
Reply: 227 Entering Passive Mode ()
Command: MLSD
Error: Could not establish data connection: No route to host
I think we should make it easier to customize the passive port range (via WHM) and at the same time improve the default of said passive port range to use more ideal values based on RFC rather than arbitrary selection (i.e., RFC's suggested 49152 through 65535, versus just uncommenting a directive for ports 30000 to 50000). We should also consider having the relevant firewall setup scripts distributed with cPanel account for the WHM-configured passive port range.
https://tools.ietf.org/html/rfc6056#section-2
2. Ephemeral Ports
2.1. Traditional Ephemeral Port Range
The Internet Assigned Numbers Authority (IANA) assigns the unique parameters and values used in protocols developed by the Internet Engineering Task Force (IETF), including well-known ports [IANA]. IANA has reserved the following use of the 16-bit port range of TCP and UDP:
o The Well-Known Ports, 0 through 1023.
o The Registered Ports, 1024 through 49151
o The Dynamic and/or Private Ports, 49152 through 65535
The dynamic port range defined by IANA consists of the 49152-65535 range, and is meant for the selection of ephemeral ports.
I think we should make it easier to customize the passive port range (via WHM) and at the same time improve the default of said passive port range to use more ideal values based on RFC rather than arbitrary selection (i.e., RFC's suggested 49152 through 65535, versus just uncommenting a directive for ports 30000 to 50000). We should also consider having the relevant firewall setup scripts distributed with cPanel account for the WHM-configured passive port range.
https://tools.ietf.org/html/rfc6056#section-2
2. Ephemeral Ports
2.1. Traditional Ephemeral Port Range
The Internet Assigned Numbers Authority (IANA) assigns the unique parameters and values used in protocols developed by the Internet Engineering Task Force (IETF), including well-known ports [IANA]. IANA has reserved the following use of the 16-bit port range of TCP and UDP:
o The Well-Known Ports, 0 through 1023.
o The Registered Ports, 1024 through 49151
o The Dynamic and/or Private Ports, 49152 through 65535
The dynamic port range defined by IANA consists of the 49152-65535 range, and is meant for the selection of ephemeral ports.
Replies have been locked on this page!