By default, FTP services run on port 21. However, since these are publicly known port numbers used by almost every FTP service, it may pose a security issue with attackers trying to access this port. Changing FTP port number is one of the simplest ways to secure FTP services on your network. There are many FTP services available for use. We will learn how to change FTP port number in Proftpd service.
How to Change FTP Port in Linux
Here are the steps to change FTP port in Linux. You need to follow the same steps for almost every FTP service. We will basically open its configuration file in a text editor, change the port number mentioned in it, save and close the file, and then restart the FTP service.
1. Open configuration file
Depending on your Linux distribution, run the following command to open configuration file for Proftpd.
# vi /etc/proftpd.conf [On CentOS/RHEL] # vi /etc/proftpd/proftpd.conf [On Debian/Ubuntu]
Similarly, if you want to change port number of VSFTPD, open its config file.
$ sudo vi /etc/vsftp/vsftpd.conf or / $ sudo vi etc/vsftpd.conf
2. Change Port Number
You will see the following line.
Port 21
Change it to 2000, as shown below, to change the FTP port to 2000. You can use a port number as per your requirement.
#Port 21 Port 2000
Save and close the file.
3. Restart Proftpd
Restart Proftpd service with the following commands.
# systemctl restart proftpd # netstat -tlpn| grep ftp OR # ss -tlpn| grep ftp
If you are running RHEL/CentOS systems, run the following commands to install policycoreutils and add SELinux rules to bind FTP to port 2000.
# yum install policycoreutils # semanage port -a -t http_port_t -p tcp 2000 # semanage port -m -t http_port_t -p tcp 2000 # systemctl restart proftpd
Finally, update your system’s firewall to allow traffic through port 2000.
As mentioned earlier, it is always advisable to change the FTP port on your system to make it difficult for attackers to guess and exploit vulnerabilities.
Also read:
How to Check CVE Vulnerability in Linux
How to Capture Top Command Output to File
How to Check Supported TLS/SSL Versions in Linux
How to Run Multiple Commands in Linux
How to Record & Replay Terminal Session in Linux