change ftp port in linux

How to Change FTP Port in Linux

By default, FTP services run on port 21. However, since these are publicly known port numbers used by almost every FTP service, it may pose a security issue with attackers trying to access this port. Changing FTP port number is one of the simplest ways to secure FTP services on your network. There are many FTP services available for use. We will learn how to change FTP port number in Proftpd service.

How to Change FTP Port in Linux

Here are the steps to change FTP port in Linux. You need to follow the same steps for almost every FTP service. We will basically open its configuration file in a text editor, change the port number mentioned in it, save and close the file, and then restart the FTP service.

1. Open configuration file

Depending on your Linux distribution, run the following command to open configuration file for Proftpd.

# vi /etc/proftpd.conf            [On CentOS/RHEL]
# vi /etc/proftpd/proftpd.conf    [On Debian/Ubuntu]

Similarly, if you want to change port number of VSFTPD, open its config file.

$ sudo vi /etc/vsftp/vsftpd.conf 
or /
$ sudo vi etc/vsftpd.conf

2. Change Port Number

You will see the following line.

Port 21

Change it to 2000, as shown below, to change the FTP port to 2000. You can use a port number as per your requirement.

#Port 21
Port 2000

Save and close the file.

3. Restart Proftpd

Restart Proftpd service with the following commands.

# systemctl restart proftpd
# netstat -tlpn| grep ftp
# ss -tlpn| grep ftp

If you are running RHEL/CentOS systems, run the following commands to install policycoreutils and add SELinux rules to bind FTP to port 2000.

# yum install policycoreutils
# semanage port -a -t http_port_t -p tcp 2000
# semanage port -m -t http_port_t -p tcp 2000
# systemctl restart proftpd

Finally, update your system’s firewall to allow traffic through port 2000.

As mentioned earlier, it is always advisable to change the FTP port on your system to make it difficult for attackers to guess and exploit vulnerabilities.

Also read:

How to Check CVE Vulnerability in Linux
How to Capture Top Command Output to File
How to Check Supported TLS/SSL Versions in Linux
How to Run Multiple Commands in Linux
How to Record & Replay Terminal Session in Linux

Leave a Reply

Your email address will not be published. Required fields are marked *