Control Web Panel

WebPanel => FTP => Topic started by: hanliong on June 13, 2021, 08:26:56 AM

Title: How to disable port 21 for plain FTP?
Post by: hanliong on June 13, 2021, 08:26:56 AM

I have removed PORT 21 from CSF at TCP_IN, TCP_OUT, TCP6_IN, and TCP6_OUT.
I have restarted CSF and LFD.
I have restarted pure ftpd service.

but when I tried to login to FTP with port 21, I can login successfully.
So, how can I totally disable PORT 21? I just want to use SFTP for security reason.

Thanks.

Title: Re: How to disable port 21 for plain FTP?
Post by: Starburst on June 13, 2021, 09:35:53 PM

You can remove ports form csf/lfd, but Whitelisted IP(s) still can access those ports.

e.g. You would remove port 22 for SSH, but your Whitelisted IP will still be able to access it.
I recommend doing this to stop port sniffers and SSH access attempts.

Title: Re: How to disable port 21 for plain FTP?
Post by: hanliong on June 14, 2021, 02:13:36 AM

is that mean that whiteliisted IP can access all ports in server although the ports have been remove from CSF/LFD? I'm not sure about that.
I have whiteisted an IP at my CWP server.Then I try to login to ssh via port 22, and it was refused, since port 22 has removed from CSF/LFD.
But it does not impact with PORT 21.
What's the difference?

Thanks.

Title: Re: How to disable port 21 for plain FTP?
Post by: Sandeep on June 14, 2021, 03:54:10 AM

when you ip is whitelisted you can access any port.