In our previous tutorial, we saw how to change Apache web server default port. In this guide, we are going to learn how to change FTP default port in Linux. If you haven't read our previous, go to the following link to learn how to change Apache webserver default port.
Change FTP Default Port To A Custom Port
Make sure you have installed VSFTPD server and its service is running.
Then edit VSFTPD configuration file and change the default port as described below.
On Debian / Ubuntu :
Edit /etc/vsftpd.conf
file,
$ sudo vi /etc/vsftpd.conf
On RHEL / CentOS / Fedora / AlmaLinux / Rocky Linux:
Edit /etc/vsftpd/vsftpd.conf
file,
$ sudo vi /etc/vsftpd/vsftpd.conf
Find the following line. If it is not found, add it.
listen_port=21
And change the FTP default port 21 to a custom port, for example 210.
listen_port=210
Save and close the file. Restart vsftpd service to take effect the changes.
In RHEL and its clones, make sure the port number 210 is not blocked in SELinux and Firewall.
$ sudo semanage port -a -t ftp_port_t -p tcp 210
If semanage command is not found, install the following package:
$ sudo yum install policycoreutils-python
To allow port 210 via firewall do the following steps.
In RHEL 7/ CentOS 7:
$ sudo firewall-cmd --permanent --add-port=210/tcp
$ sudo firewall-cmd --reload
In RHEL 6 / CentOS 6 :
$ sudo vi /etc/sysconfig/iptables
And add the new custom port line:
-A INPUT -m state --state NEW -m tcp -p tcp --dport 210 -j ACCEPT
Save and exit the file and restart iptables service.
$ sudo service iptables restart
Finally restart vsftpd service.
$ sudo systemctl restart vsftpd
Or
$ sudo service vsftpd restart
Now verify the port using command:
$ sudo netstat -tulpn | grep :210
Sample output:
tcp6 0 0 :::210 :::* LISTEN 2610/vsftpd
If netstat command is not found in CentOS/RHEL, install the following package.
$ sudo yum install net-tools
Now, you can access the FTP server from all clients using URL: ftp <ftp-server-ip> <port-number>
Example:
$ ftp 192.168.1.150 210
Here, 192.168.1.150 is my FTP server’s IP address and 210 is the FTP custom port.
Sample output:
Connected to 192.168.1.150 (192.168.1.150). 220 (vsFTPd 3.0.2) Name (192.168.1.150:root): ostechnix 331 Please specify the password. Password: 230 Login successful. Remote system type is UNIX. Using binary mode to transfer files. ftp>
As you see in the above output, we have accessed the ftp server using the custom port 210. You can use any port number of your choice. But, just make sure that custom port is not used by any other services.
Access FTP server using FTP client or Web browser
Similar to CLI method, you need to mention the custom port number while accessing the FTP server via a FTP client or a web browser.
Open your FTP client, for example FileZilla, and enter username, password and custom port in the respective fields and then click the connect button.
To access the FTP server from a browser, the URL must be:
ftp://<IP-Address>:<port-number>
Or
ftp://<login>:<password>@IP-Address:<port-number>/
We will see how to change the SSH default port in our next article linked below.