Ftp connect not working after update

dencha · January 23, 2025, 9:24pm

Hello everyone. Suddenly I am not able to connect to my server ftp anymore with filezilla or any other client. OS: Ubuntu 22.04.5 LTS
I am using free cloudflare plan, but I did not changed any settings. I think it am not able to connect after I did sudo apt upgrade like one week ago, but I am not sure about it, maybe it was like that even earlier.

User is connecting from ssh and also file manager from hestia works also…

ftp -p 127.0.0.1:
230 Login successful.                                                                             
Remote system type is UNIX.                                                                       
Using binary mode to transfer files.

cat /var/log/auth.log
Jan 23 23:21:05 sls7 sudo: pam_unix(sudo:session): session opened for user root(uid=0) by (uid=1001)          
Jan 23 23:21:05 sls7 sudo: pam_unix(sudo:session): session closed for user root                               
Jan 23 23:21:05 sls7 sudo: pam_unix(sudo:session): session opened for user root(uid=0) by (uid=1001)          
Jan 23 23:21:05 sls7 sudo: pam_unix(sudo:session): session closed for user root                               
Jan 23 23:21:05 sls7 sudo: pam_unix(sudo:session): session opened for user root(uid=0) by (uid=1001)          
Jan 23 23:21:05 sls7 sudo: pam_unix(sudo:session): session closed for user root                               
Jan 23 23:21:06 sls7 sudo: pam_unix(sudo:session): session opened for user root(uid=0) by (uid=1001)          
Jan 23 23:21:06 sls7 sudo: pam_unix(sudo:session): session closed for user root                               
Jan 23 23:21:06 sls7 sudo: pam_unix(sudo:session): session opened for user root(uid=0) by (uid=1001)          
Jan 23 23:21:06 sls7 sudo: pam_unix(sudo:session): session closed for user root                               
Jan 23 23:21:06 sls7 sudo: pam_unix(sudo:session): session opened for user root(uid=0) by (uid=1001)          
Jan 23 23:21:06 sls7 sudo: pam_unix(sudo:session): session closed for user root                               
Jan 23 23:21:06 sls7 sudo: pam_unix(sudo:session): session opened for user root(uid=0) by (uid=1001)          
Jan 23 23:21:06 sls7 sudo: pam_unix(sudo:session): session closed for user root

sahsanu · January 23, 2025, 9:40pm

Hi @dencha

I can connect to your FTP server so looks like you have blocked yourself.

Check if your current client IP has been banned:

v-list-firewall-ban

If you see your ip:

v-delete-firewall-ban HereYourIP FTP

dencha · January 23, 2025, 9:52pm

Yeah… I see my IP and its said chain: “RECIDIVE”.

I try to remove it, it somehow not doing it. Also it says i`ve just got ban by time, while I am not able to connect for week or more. Why it could ban me again and again?

sahsanu · January 23, 2025, 9:54pm

If you are on RECIDIVE chain then you must delete the ip from that chain:

v-delete-firewall-ban HereYourIP RECIDIVE

Check fail2ban logs to know why it is blocking you.

dencha · January 23, 2025, 9:56pm

It worked for now. Thanks! I will try to inspect it… This is how i should check log? tail -f /var/log/auth.log ?

sahsanu · January 23, 2025, 10:07pm

Use this:

 grep -F ' Ban HereYourIP' /var/log/fail2ban.log*

If you always connect from the same ip you can whitelist it so fail2ban won’t ban you.

echo -e '[DEFAULT]\nignoreip = HereYourIP' > /etc/fail2ban/jail.d/whitelist.local
systemctl restart fail2ban

If you have a dynamic IP you can create a DDNS record (there are a few free services out there) and update it every time the ip changes and use that DDNS in ignoreip directive instead of the IP.

system · February 22, 2025, 10:08pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.