FileZilla FTP Error: Connection timed out after 20 seconds of inactivity

FileZilla can give your connection timed out error as new version of FileZill forces TLS encryption over plain FTP connections. This is applicable even on the new sites created under Site Manager or any site configured previously. This can lead to an issue of Connection timed out after 20 second of inactivity due to security purpose.

Response: 421 Timeout – try typing a little faster next time
Error: GnuTLS error -110 in gnutls_record_recv: The TLS connection was non-properly terminated.
Status: Server did not properly shut down TLS connection
Error: Could not read from socket: ECONNABORTED – Connection aborted
Error: Disconnected from server

This issue can be resolved by resetting accounts to use plain, unencrypted FTP connections.

Just follow these easy steps to configure FileZilla’s ftp connection settings:

  1. Start FileZilla.
  2. On the File menu, click Site Manager.
  3. Under Select Entry, click the site.
  4. On the General tab, in the Encryption list box, select Only use plain FTP (insecure).
  5. Click OK.
filezilla connection setting

Still Not Working?

If this still does not works then modify the connection mode.

  1. Start FileZilla.
  2. On the Edit menu, click Settings.
  3. Select “FTP” and then select Transfer Mode “Active mode or Passive mode”.

Connection Time Out Resolution at server level (CPanel)

At server level the admin can allow the client to connect directly without an unencrypted connection which will resolve the connection time out issue.

  1. Open WHM/CPanel Admin panel.
  2. Click on Service configuration >> FTP server configuration.
  3. TLS encryption support should be set to optoinal

Resolution Step 2

If the above setting still gives time out issue this means the ports are not properly opened. In that case if CSF firewall is installed on CPanel then add the following port range as described by CPanel for Passive mode.

The system enables passive ports 49152 through 65534 for Pure-FTPd servers and ProFTPd servers by default.

Add the port range 49152:65534 in firewall as follow:

You can enable the passive ports, in order for connection with TLS encryption. Pure-ftpd configuration files is located at /etc/pure-ftpd.conf which has PassivePortRange field commented out. This has the range of ports that needs to be opened for the FTP service with passive mode. Also add these port ranges in the firewall .


# Port Ranges for passive connection replies – Firewall
# PassivePortRange  300000  50000

Pure FTP Config File in CyberPanel

The FTP Config file in CyperPanel is located at following location:

Just use your favorite editor like nano or vim

nano /etc/pure-ftpd/pure-ftpd.conf

FTP Connection Timout Error in DirectAdmin

Edit the following file of Pure FTP to add ports

nano /etc/pure-ftpd.conf

Notify of
1 Comment
Newest Most Voted
Inline Feedbacks
View all comments
3 years ago

Common Ports that should be enabled in CSF. TCP_IN 

Allow outgoing TCP ports