Author Topic: How to disable port 21 for plain FTP?  (Read 4671 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
How to disable port 21 for plain FTP?
« on: June 13, 2021, 08:26:56 AM »
I have removed PORT 21 from CSF at TCP_IN, TCP_OUT, TCP6_IN, and TCP6_OUT.
I have restarted CSF and LFD.
I have restarted pure ftpd service.

but when I tried to login to FTP with port 21, I can login successfully.
So, how can I totally disable PORT 21? I just want to use SFTP for security reason.

Thanks.
we are web developer in Indonesia with address: Tatamedia Solusindo | web hosting with mutiple choices | discounted software store

Offline
*****
Re: How to disable port 21 for plain FTP?
« Reply #1 on: June 13, 2021, 09:35:53 PM »
You can remove ports form csf/lfd, but Whitelisted IP(s) still can access those ports.

e.g. You would remove port 22 for SSH, but your Whitelisted IP will still be able to access it.
I recommend doing this to stop port sniffers and SSH access attempts.

Offline
*
Re: How to disable port 21 for plain FTP?
« Reply #2 on: June 14, 2021, 02:13:36 AM »
is that mean that whiteliisted IP can access all ports in server although the ports have been remove from CSF/LFD? I'm not sure about that.
I have whiteisted an IP at my CWP server.Then I try to login to ssh via port 22, and it was refused, since port 22 has removed from CSF/LFD.
But it does not impact with PORT 21.
What's the difference?

Thanks.
we are web developer in Indonesia with address: Tatamedia Solusindo | web hosting with mutiple choices | discounted software store

Offline
*****
Re: How to disable port 21 for plain FTP?
« Reply #3 on: June 14, 2021, 03:54:10 AM »
when you ip is whitelisted you can access any port.