Backup upload to FTP returned exit code 451

realcryptonight

realcryptonight

Verified User
Joined
Nov 16, 2019
Messages
432
Hello everyone,

I have a backup scheduled for every day on my main DA server.
The backup is tranfered to a second DA box that is purely for a second DNS (Multi-Server) and uploading backups to.

The first DA is an clean install with the previous user data being restored from a backup.
The second DA is an clean install with no user data but just an admin account that is not called admin.

When the backup get run I get the following message in my message system:
User **da user 2** has been backed up. <1:00:39>
User **da user 1** has been backed up. <1:00:54>
ftp_upload.php exit code: 18
ftp_upload.php output: curl: (18) server did not report OK, got 451
curl return code: 18
<1:00:57>
Please see this URL and check for curl exit code '(18)': https://help.directadmin.com/item.php?id=2127

Although a backup error has occurred, the upload of valid backups would have still been attempted to ftps://**Other DA box**/remote_backups/daily/Saturday <1:00:57>
Click to expand...

Something that might be handy to know:
  • Both DA servers have chmod 1777 /home/tmp
  • Port 35000 to 35999 are added to the firewall for both in and out on both servers.
  • In Filezilla I have no issues with uploading files over ftps.
  • The backups seem to be transfered completely but I have not yet had time to test them.

Does anyone have a clue where to start looking?
 
Yep the backups are complete. I can decrypt my backups and restore them.
So I really do not know where this issue is comming from.
 
**my user**$ curl --version
curl 7.83.1 (x86_64-pc-linux-gnu) libcurl/7.83.1 OpenSSL/1.1.1n zlib/1.2.11 brotli/1.0.9 zstd/1.4.8 nghttp2/1.43.0
Release-Date: 2022-05-11
Protocols: dict file ftp ftps gopher gophers http https imap imaps mqtt pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
Features: alt-svc AsynchDNS brotli HSTS HTTP2 HTTPS-proxy IPv6 Largefile libz NTLM NTLM_WB SSL TLS-SRP UnixSockets zstd
Click to expand...
 
Some possibilities for troubleshooting:

- Do you perhaps have multiple Curl versions installed, i.e. both the Debian package version and the Custombuild version?

Check with:

Code: 
apt-cache policy curl
Code: 
/usr/bin/curl --version
Code: 
/usr/local/bin/curl --version

This is probably not the issue as normally the ftp_upload.sh script would make use of the Custombuild version:

Code: 
CURL=/usr/local/bin/curl
if [ ! -e ${CURL} ]; then
                CURL=/usr/bin/curl
fi

- Perhaps a disk space/quota issue on your backup server?
 
**my user**@da:/home/**my user**# apt-cache policy curl
curl:
Installed: 7.74.0-1.3+deb11u1
Candidate: 7.74.0-1.3+deb11u1
Version table:
*** 7.74.0-1.3+deb11u1 500
500 http://asi-fs-d.contabo.net/debian bullseye/main amd64 Packages
100 /var/lib/dpkg/status
Click to expand...
**my user**@da:/home/**my user**# /usr/bin/curl --version
/usr/bin/curl: /usr/local/lib/libcurl.so.4: no version information available (required by /usr/bin/curl)
curl 7.74.0 (x86_64-pc-linux-gnu) libcurl/7.83.1 OpenSSL/1.1.1n zlib/1.2.11 brotli/1.0.9 zstd/1.4.8 nghttp2/1.43.0
Release-Date: 2020-12-09
Protocols: dict file ftp ftps gopher gophers http https imap imaps mqtt pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
Features: alt-svc AsynchDNS brotli HSTS HTTP2 HTTPS-proxy IPv6 Largefile libz NTLM NTLM_WB SSL TLS-SRP UnixSockets zstd
WARNING: curl and libcurl versions do not match. Functionality may be affected.
Click to expand...
**my user**@da:/home/**my user**# /usr/local/bin/curl --version
curl 7.83.1 (x86_64-pc-linux-gnu) libcurl/7.83.1 OpenSSL/1.1.1n zlib/1.2.11 brotli/1.0.9 zstd/1.4.8 nghttp2/1.43.0
Release-Date: 2022-05-11
Protocols: dict file ftp ftps gopher gophers http https imap imaps mqtt pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
Features: alt-svc AsynchDNS brotli HSTS HTTP2 HTTPS-proxy IPv6 Largefile libz NTLM NTLM_WB SSL TLS-SRP UnixSockets zstd
Click to expand...

It seems like I have two versions of cURL? one from custombuild and one from apt?
Ïf so that would be weird as it is an clean install and I never told apt to install cURL as I always do it via custombuild.
 
I removed cURL with apt remove -y curl.
After that I did a manual backup but still the same issue.
 
Yeah it's probably not the cause of your issue. curl (apt-package) could be installed by default, depending on your Debian install type. It's also necessary for the initial DA install, so before the installation of the Custombuild version:

Code: 
bash <(curl -LSs https://download.directadmin.com/setup.sh || curl -LSs https://download-alt.directadmin.com/setup.sh) 'Provided license key should go here'

As for your issue, did you check available disk space / quota / inodes on your backup server?
 
wtptrs said:
Yeah it's probably not the cause of your issue. curl (apt-package) could be installed by default, depending on your Debian install type. It's also necessary for the initial DA install, so before the installation of the Custombuild version:

Code: 
bash <(curl -LSs https://download.directadmin.com/setup.sh || curl -LSs https://download-alt.directadmin.com/setup.sh) 'Provided license key should go here'

As for your issue, did you check available disk space / quota / inodes on your backup server?
Click to expand...

Yes I check it but as an administrator I have no limits on it.
And the server itself is not full at all as it is close to a clean install.
 
Exactly the same problem here, occurs only when using FTPS, the backup will be good, but the error is odd. No solution yet.

ftp_upload.php output: curl: (18) server did not report OK, got 451

Hi there, Attempting to perform secure FTP backups from one DA server to another, results in the following error message: Please see this URL and check for curl exit code '(18)': https://help.directadmin.com/item.php?id=2127 User hidden has been backed up. ftp_upload.php exit code: 18...
forum.directadmin.com forum.directadmin.com
 
If you're using ProFTPd, you can try adding the following in your backup server proftpd.conf:

  • NoSessionReuseRequired
    As of ProFTPD 1.3.3rc1, mod_tls only accepts SSL/TLS data connections that reuse the SSL session of the control connection, as a security measure. Unfortunately, there are some clients (e.g. curl) which do not reuse SSL sessions.
    To relax the requirement that the SSL session from the control connection be reused for data connections, use the following in the proftpd.conf:
    <IfModule mod_tls.c>
    ...
    TLSOptions NoSessionReuseRequired
    ...
    </IfModule>
 
wtptrs said:
If you're using ProFTPd, you can try adding the following in your backup server proftpd.conf:

  • NoSessionReuseRequired
    As of ProFTPD 1.3.3rc1, mod_tls only accepts SSL/TLS data connections that reuse the SSL session of the control connection, as a security measure. Unfortunately, there are some clients (e.g. curl) which do not reuse SSL sessions.
    To relax the requirement that the SSL session from the control connection be reused for data connections, use the following in the proftpd.conf:
    <IfModule mod_tls.c>
    ...
    TLSOptions NoSessionReuseRequired
    ...
    </IfModule>
Click to expand...
Thanks for the info.
DirectAdmin installs Pure-FTPD by default now.
So I am running Pure-FTPD but I can not find how to change that for Pure-FTPD.

Any idea how to do that?
 
Last edited:
I added that setting to pure-ftpd and restart it.
But when creating the backup I still get the same error.
 
You must log in or register to reply here.
Back
Top