After the v12 update (which I already did a while ago) I see the TLS is not enabled anymore for the FTP service.
Does someone know how to configure PureFTPD to work with SNI and the certificates generated by Enhance/Let's encrypt? Do more people have this problem?
mbe81 I don't use FTP at all, but a relevant comment from Enhance on this issue is here: https://community.enhance.com/d/2353-problem-with-ftp-over-ipv6/3
You may need to open a ticket if you are having issues since I don't recall Enhance/customers sharing anything since v12 on this issue.
Hmm. I see it might be fixed with v12.20. However I am still on 12.18.
The following packages have been kept back: ecp-core libgbm1 libglapi-mesa libglx-mesa0 mesa-vulkan-drivers sosreport ubuntu-server-minimal
Also get a message that the repository 'https://dlm.mariadb.com/repo/maxscale/latest/apt noble Release' no longer has a Release file.
12.0.20 25th February 2025 Fixed Pure-ftpd TLS config. Run systemctl restart pure-ftpd after applying this update. Corrected suggested file name for Plesk SCP upload from .tar to .tar.gz.
xyzulu Haha thanks. You were linking to my own topic. That was a different issue. Indeed not many people use FTP anymore. Most people use just WordPress or somethig else.
In the mean time I saw that when I use apt-get upgrade the above listed packages are kept back. When I use apt upgrade the ecp-core package is selected for update.
apt-get upgrade
apt upgrade
mbe81 instead of FTP, we use ssh or "ftp over ssh" (not a correct term, but some people find that more useful to explain. Using ssh and not ftp allows for passwordless (ssh keys) logins, which is what you should be using in this modern age 😉
xyzulu I know... some customers are still using FTP. Most people just use the filemanager or are happy with the standard WordPress installation
mbe81 some customers are still using FTP
They will while you provide it 😉
xyzulu i used FTP to auto deploy changes from my IDE to the server, many customers - devs do so disabling ftp is not viable for all business
gmakhs i used FTP to auto deploy changes from my IDE to the server
ssh is safer and easier.. this isn't my personal opinion. Anyway.. I'll bow out of this discussion, your server your choice.
xyzulu i dont disagree without you but i prefer to give ftp than ssh access to clients
Anytime developer needed access has been asking me for FTP, clearly we can’t use this feature without proper secure connection so has been disabled for now port 21 but I really hope this to be sorted as it’s shit not to have FTP with secure connection. I am 100% sure every customer will be sending me a ticket asking why they don’t have FTP or why it’s not secured. I really expect when let’s encrypt ssl gets deployed on customer website they to have secure FTP connection to their website straight away. Also when we add ftp account ideally we need to be able to allow that account to access the server only from specific IPs…
