How do I disable TLS in the FileZilla FTP program?
We occasionally hear reports of the FileZilla FTP program getting stuck with a message saying “initializing TLS”, or getting errors soon after connecting, like this:
Command: MLSD Error: Connection timed out after 20 seconds of inactivity Error: Failed to retrieve directory listing The TLS connection was non-properly terminated
If this happens, it’s usually caused by either an outdated version of FileZilla, or because the firewall or router on your computer has trouble with TLS (a form of encryption) for FTP connections.
First of all, make sure you’re using the latest version of FileZilla (or try another free FTP program like Cyberduck).
If you still have trouble, the best way to avoid this problem and still keep your password secure is to use SFTP instead of normal FTP in FileZilla. SFTP should not have the same problem, although it’s a little more complicated to use.
If you want or need to continue to use plain FTP for some reason, you can disable TLS encryption.
Disabling TLS in FileZilla
To disable TLS encryption in FileZilla, you’ll need to add the site in the “Site Manager” (instead of using the QuickConnect method).
1. Open the Site Manager
Click the File menu and choose Site Manager.
2. Enter the new site settings
Enter these settings:
|Protocol:||FTP — File Transfer Protocol|
|Encryption:||Only use plain FTP (insecure)|
|Password:||your main account password|
When you’re finished, the screen should look like this:
3. Connect to the server
Each time you want to connect to the server, simply open the Site Manager again and click Connect.
What’s the technical reason that FTP with TLS doesn’t work on some firewalls or routers?
FTP uses two connections to work properly. The first connection handles commands like “Send me file X”, or “Show me the list of files in the Y directory”, and the second connection is then opened to send the file or directory listing.
Some firewalls and routers block the second connection by default, which normally prevents FTP from working. To solve this problem, they examine the commands sent in the first connection to know when to allow the second one.
But if you enable TLS/SSL for the first connection, the firewall can’t see the contents of it because of the encryption, and it doesn’t know that it should allow the second connection.
Disabling SSL/TLS fixes this because the firewall can then see the contents of the first connection. Using SFTP fixes it because SFTP only uses a single connection and doesn’t need a second connection, so your firewall or router setup doesn’t matter.