User profile for user: Tomas009
Tomas009 Author
User level: Level 1
11 points

Can't connect to FTP server when I'm connected via hotspot

I need to connect to my webserver via FTP from my MacOS (13.4.1). When I'm connected via home internet provider, everything is OK. But when I connect via hotspot from my iPhone (iOS 17), I can't connect to FTP. The error message is "Connection timeout". The Internet in web browser is working perfectly, but FTP connection doesn't work. I tried several FTP clients (Filezilla, Forklift, ...), but still the same problem. 

 

A few weeks ago, I used this FTP clients without any problem with hotspot, so maybe it could be related with iOS 17 update. 

 

Has anyone same problem? Is there any possibility to analyze network settings to find out where could be the problem? I tried to switch off the Firewall on MacOS, but no change...

 

Thanks.

iPhone 13 Pro, iOS 17

Posted on Sep 20, 2023 4:30 AM

Reply
Question marked as Top-ranking reply
User profile for user: MrHoffman
MrHoffman
Community+ 2025
User level: Level 10
144,509 points

Posted on Sep 20, 2023 8:24 AM

Being older than IP networking itself (yes, really), and its pattern of connections is fundamentally incompatible with modern network firewalls, and being wildly insecure, FTP quite often causes issues, and increasingly often simply gets blocked.


To get FTP to work with a firewall, one or both firewalls (on the local network, and in the remote network) must scan the FTP traffic and preemptively open up the second port. The direction of this second connection depends on whether the FTP connection is operating in active or passive mode. But it’ll always run into a firewall, if the firewall isn’t configured to scan FTP traffic.


(This second data connection used by FTP usually uses an ephemeral port selected at run-time, so there’s no way a firewall can predict that without communications with the FTP server or FTP client, which means either opening up the entire ephemeral range, or configuring the FTP server to use a particular sub-range and opening that, or (as is common on middling and higher-spec firewalls) scanning the passing FTP traffic.)


As FTP openly leaks the server credentials in cleartext, the recipient firewall and recipient FTP server need to process and relocate the arriving files too, as the server can otherwise become filled with unwanted or illegal files.


If you need file uploads with your web server, use HTTPS file uploads, or configure and use SFTP.


If you really need FTP, set up a VPN to wrap the connection; that VPN might be L2TP/IPSec, or maybe FTPS.


PS: also learn about Gifar and other types of polyglot files, particularly if you’re exposing potentially untrusted uploaded files.

View in context

Similar questions

63 replies

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

Can't connect to FTP server when I'm connected via hotspot

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up