I'm trying to upload a file to a ftp-server via http-proxy with a php-script and curl. I'm using the method described here: Upload the file to the FTP server over HTTPS using curl in php. Our company uses ZSCALER for safety reasons, and I got the message back "Not allowed to use FTP over HTTP for non-GET/non-HEAD request". If I use FileZilla on the very same machine, I can upload files with the same proxy settings w/o problems.
I tried my script in browser and with Postman, both don't work. Postman gives back the same html-site I get in the browser.
the code in PHP:
$fp = fopen($filepath, 'r');
$ftp_url = "ftp://user:password@url/"."test.txt";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $ftp_url);
curl_setopt($ch, CURLOPT_UPLOAD, 1);
curl_setopt($ch, CURLOPT_INFILE, $fp);
curl_setopt($ch, CURLOPT_INFILESIZE, filesize($filepath));
curl_setopt($ch, CURLOPT_PROXY, "proxy-url");
curl_setopt($ch, CURLOPT_PROXYPORT, 8080);
curl_setopt($ch, CURLOPT_PROXYTYPE, 'HTTP');
//curl_setopt($ch, CURLOPT_HTTPPROXYTUNNEL, 1); //with this option I get a timeout
//curl_setopt($ch, CURLOPT_PROXYUSERPWD, $proxy_login); //I don't need proxy credentials
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
//curl_setopt($ch, CURLOPT_FTPLISTONLY, 1); //that was for test, that works, but the output was formatted by zscaler
$result = curl_exec($ch);
curl_close($ch);
In FileZilla the settings for the ftp-connection are under generic proxy "Type of generic procy" "HTTP/1.1 using the 'CONNECT' method"
If anyone knows another method in php to put files on ftp over http-proxy I will try it also. I found no examples in Internet using the "plain" ftp methods in php, so that doesn't work?
Log of FIleZilla:
Status: Connecting to ftp-url through HTTP proxy
Status: Connecting to proxy-url:8080...
Status: Connection with proxy established, performing handshake...
Response: Proxy reply: HTTP/1.1 200 Connection Established
Status: Connection established, waiting for welcome message...
Response: 220 Zscaler/6.2: USER expected (Unix syntax)
Status: Plain FTP is insecure. Please switch to FTP over TLS.
Command: USER ftp-user
Response: 331 Password required
Command: PASS ********
Response: 230-User ftp-user has group access to: www-data
Response: 230 OK. Current directory is /
Command: SYST
Response: 215 UNIX Type: L8
Command: FEAT
Response: 211-Extensions supported:
Response: EPRT
Response: IDLE
Response: MDTM
Response: SIZE
Response: REST STREAM
Response: MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*;
Response: MLSD
Response: AUTH TLS
Response: PBSZ
Response: PROT
Response: UTF8
Response: TVFS
Response: ESTA
Response: PASV
Response: EPSV
Response: SPSV
Response: ESTP
Response: 211 End.
Command: OPTS UTF8 ON
Response: 200 OK, UTF-8 enabled
Status: Logged in
Status: Retrieving directory listing...
Command: PWD
Response: 257 "/" is your current location
Command: TYPE I
Response: 200 TYPE is now 8-bit binary
Command: EPSV
Response: 229 Entering extended passive mode (|||38830|)
Command: MLSD
Status: Connection with proxy established, performing handshake...
Response: Proxy reply: HTTP/1.1 200 Connection Established
Response: 150 Accepted data connection
Response: 226 ftp://ftp-url/ Transfer complete, (company:xxx, 12/14/2022:14:51:32)
Status: Directory listing of "/" successful
I solved this issue.
the curl option CURLOPT_HTTPPROXYTUNNEL has to be set. I got the timeout, because the files are quite big and the connection slow, so I raised the timeout with the option "CURLOPT_TIMEOUT" and now it works fine.