CurlMBS won't upload after server migration

My server host has migrated to a new server and now I cannot upload files using CurlMBS.
The username and password are fine and I can upload using their Cpanel file manager as well as Filezilla but with CurlMBS I receive error 530 authentication failed - Access denied.
I have checked folder permissions and they are 755 although I have even tried 777.
I have been using the example code for CurlMBS file upload for many years no problem but on the day they migrated it stopped.
I contacted them and they insist nothing has changed.

I guess you are using FTP since you mentioned FileZilla.

My guess is that the upgrade has switched the server from FTP to FTPS or it was already FTPS and the version of SSL / TLS has been updated.

You might be able to find the cause by switching on the Curl verbose mode and capturing the output.

3 Likes

If you’re literally using CURLMBS, as you write it, you’re either supplying your own CURL library or using the one already baked into the OS. CURLSMBS will give you built-in libraries for both CURL and SSL. These are included in your built app.

You don’t mention your own platform. If it’s Mac, I’m pretty sure the built-in CURL (which will be dated, but not terribly so) will be crippled on the SSL front, just as it is for SSH (for anyone wanting SFTP.)

Using CURLSMBS is a really good idea. The CURL library in each MBS release is usually the most current.

Edited for clarity.

3 Likes

Please first start with doing a directory listing, so you see in which folder you end up.

For my own web server, I have accounts, that end up in “/” folder, the server root.

Another account on the same server ends up in “/clients/mydomain/” folder with my domain. So a directory listing may show you which folder you are in now.

Here’s the log (“xxx” where private information is removed)

MBS Xojo Plugins 21.3 with CURL 7.77.0 on macOS.

Trying 101.0.102.xxx:21…

Connected to ftp.kxxx.com (101.0.102.xxx) port 21 (#0)

220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------

220-You are user number 1 of 50 allowed.

220-Local time is now 19:33. Server port: 21.

220-This is a private system - No anonymous login

220-IPv6 connections are also welcome on this server.

220 You will be disconnected after 15 minutes of inactivity.

AUTH SSL

500 This security scheme is not implemented

AUTH TLS

234 AUTH TLS OK.

TLSv1.3 (OUT), TLS handshake, Client hello (1):

TLSv1.3 (IN), TLS handshake, Server hello (2):

TLSv1.2 (IN), TLS handshake, Certificate (11):

TLSv1.2 (IN), TLS handshake, Server key exchange (12):

TLSv1.2 (IN), TLS handshake, Server finished (14):

TLSv1.2 (OUT), TLS handshake, Client key exchange (16):

TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):

TLSv1.2 (OUT), TLS handshake, Finished (20):

TLSv1.2 (IN), TLS handshake, Finished (20):

SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384

Server certificate:

subject: CN=oldcharlie.hosting-australia.com

start date: Mar 3 00:00:00 2023 GMT

expire date: Jun 1 23:59:59 2023 GMT

issuer: C=US; ST=TX; L=Houston; O=cPanel, Inc.; CN=cPanel, Inc. Certification Authority

SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.

USER kxxx

331 User kxxx OK. Password required

PASS xxxxxxx

530 Login authentication failed

Access denied: 530

Closing connection 0

TLSv1.2 (OUT), TLS alert, close notify (256):

After closing Curl gives error number 67

Hi Christian, I can’t connect to do a directory listing. See post below, perhaps this might help find the problem.

Please try to use Port 22 or 990. Maybe it’s just Port 21 which does not allow TLS Logins?

Port 21 is ftp:// protocol, while port 22 is sftp:// protocol. Please make sure the URL matches what you want to do.

The log shows FTP with TLS and the password being invalid.

Do you have a log where it worked?

|Status: |Resolving address of kxxx.com|
|Status: |Connecting to 27.50.67.241:21…|
|Status: |Connection established, waiting for welcome message…|
|Status: |Initializing TLS…|
|Status: |TLS connection established.|
|Status: |Logged in|

Switched from port 21 to port 22 in FileZilla and it failed with timeout.
Also copied password from FileZilla to Xojo project and they are identical.

Does this mean anything from Curl log just before password.

SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.

The certificate verification doesn’t deal with the password.

One log shows IP 101.0.102.xxx:21 and other shows 27.50.67.241:21, so are you sure you target the right server?

1 Like

Can you show us the code you are using to initialise / configure curl and perform the transfer.

FIXED !!!
Changed the host name from
ftp://ftp.kxxx.com/
to ftp://kxxx.com/

According to my program notes the upload would only work previously with “ftp://ftp.kxxx.com/”
Perhaps the new server doesn’t have a subdomain name ftp.kxxx.com

Thank you so much for your replies and effort.

2 Likes