BABELEXPORT.COM is parked at Cloudflare but pointing to HostLegends hosting company (167.86.99.163). During the last few days I have been trying on multiple occasions to transfer some files to HostLegends server using LiveZilla. The attempts have been unsuccessful.
[2] ACTION TAKEN: (Please refer to attached screenshot)
DNS settings as they are right now are shown on the upper image. The left hand side of the lower section shows the parameters I used to log in. The right hand side is a copy of the error message which shows 104.21.37.39 (Cloudflare) instead of the IP of target server. A few days ago I thought this has been happening because the A record for BABELEXPORT.COM was PROXIED. Your support page (Proxy status · Cloudflare DNS docs) confirms my guess as we can read the following at “Ports and protocols”:
By default, Cloudflare only proxies HTTP and HTTPS traffic. If you need to connect to your origin using a non-HTTP protocol (SSH, FTP, SMTP) or the traffic targets an unsupported port at the origin, either leave your records unproxied (DNS-only) or use Cloudflare Spectrum.
- GOOD & BAD NEWS: I managed to connect with LiveZilla by changing (only during LiveZilla session) the status of the A Record for BABELEXPORT.COM from PROXIED to DNS only. However, today is failing to connect even if I change the A record to DNS only. Please note LiveZilla is unable to connect even if I tick the BYPASS PROXY option found on the advanced settings. Furthermore, the SSL/TLS certificate (Let’s Encrypt) has been successfully installed without any current warning or error message (all components in GREEN).
Just in case, the only newly added records after the successful connection are highlighted on the screenshot with blue arrows:
PS: I read at your support pages that Cloudflare SPECTRUM could solve this issue I am experiencing with LiveZilla, but I am trying to solve it without having to sign up with Cloudflare SPECTRUM in order to downsize costs. Thank you!
Thank you. And what is the Encryption option to choose then? For FTP LiveZilla gives four (4) options:
Use explicit FTP over TLS if available
Require explicit FTP over TLS
Require implicit FTP over TLS
Only use plain FTP (insecure)
As per attached file, under the ADVANCED section we can tick BYPASS PROXY. I thought I could leave the DNS “proxied” and then ticking the BYAPSS PROXY option, but it did not work. In short, it looks like it will never connect as long as the DNS is PROXIED but on top of that I feel I am missing something to make things work.
PS: I am wondering if I leave the DNS in “proxied” status and then choose option 4 above (Only use plain FTP). It is treated as insecure but if the DNS is proxied I understand that would make things harder for any attack.
That would send your FTP credentials over the internet in plain text and would still fail because Cloudflare will block the request as it’s not a port they proxy.
You need to either use the origin IP address or a host name which resolves directly to your IP address . I don’t use FileZilla, but I assume Bypass proxy refers to a local LAN proxy, it wouldn’t have any impact on Cloudflare.
I wouldn’t use FTP if TLS wasn’t available, so absent option 2 being available on your origin server, I’d find another way to transfer files.
Thank you! I followed your advice of using the IP address of target server (167.86.99.163) and the test was SUCCESSFUL with option 1 (Use explicit FTP over TLS if available). The attached screenshot shows all parameters I used as well as the report of successful connection. Please note this connection was made with DNS in PROXIED status. So, this setting has solved the problem without having to make changes to DNS status.
PS: I genuinely thought that IP address of server refers to the whole server of the hosting company (not the space allocated to my account). Therefore I understand LiveZilla pointed to my folder based on the username validated with password. However, if I recall well a few years ago a website designer asked for my username to access my folder and when I was going to give him the password he said the username was enough for him as if he could access the server without knowing the password. That sounds really strange!
. I don’t use FileZilla, but I assume Bypass proxy refers to a local LAN proxy, it wouldn’t have any impact on Cloudflare.