April 21st, 2010, 06:53 AM
What ports should I open for FTP over SSL?
Hi, I have my dedicated server which is limited by firewall of company where my server is installed. I missed proper ports set up when giving installation forms and now I have to pay for opening ports (I only requested ports 21 and 22 and I am not able to set up any FTP server, tried FileZilla and IIS). If somebody could advise what ports I should open that would be great - I am going to use FTP over SSL (have my own SSL cert, not self signed). I lost lots of time trying to reasearch it and I am still not sure about ports. As far as I know from my research FileZilla uses passive mode and IIS FTP active, is that true? I also have seen people recommending passive as more safe, but I have seen advices that I need to open all ports over 1023 for that mode, so how this can be more safe.
Also maybe somebody can recommend some free commercial use FTP servers? FileZilla looks ok, but I don't think I will open all ports over 1023 if that will be required and IIS FTP is hard to set up users (not being windows users) with different directory permissions (and possibly I can have hundreds of them).
April 27th, 2010, 08:58 AM
Seems that it is hard to get some help here. Finally I went for SFTP (SSH) and got all the details I need.
April 29th, 2010, 07:07 AM
why don't you share your knowledge here for up-coming people
April 29th, 2010, 07:54 AM
Originally Posted by Manivel
In my case it was really specific, my server was behind firewall I had no access to and I would be charged for changing firewall rules, so I wanted to avoid that. I initially requested ports 21 and 22 to be open, however this was not enough for FTP and FTP over SSL. I had no clue initially that IIS does not support secure FTP (SSH), so I spend a lot of time trying to set up FTP on IIS and FileZilla and failed. In best case I was able to connect but I could not list directory. This was caused because no data port was open (active mode requires port 20, passive any ports over 1023). Finally I tried to some freeware servers supporting SSH and I could set it up within minutes without any problem. SFTP requires port 22 only to be open. I found coreFTP which seems to be fulfilling all my requirements, but I did not test it yet enough. I asked in other post if somebody maybe used it and could give some feedback, but I had no response yet.
All above is based on my research and experience from the last few weeks.