Skip to content
Pricing RU Sign In
RU

Port 21: FTP — Complete Guide

By · Updated
TL;DR:

File transfer, unencrypted. Insecure — use SFTP (22) or FTPS. Standard TCP port, used by the FTP service.

Try it now — free →

What is port 21

Port 21 is reserved by IANA for the FTP service. File transfer, unencrypted. Insecure — use SFTP (22) or FTPS.

Check if the port is open online

To find out if port 21 is open on your host (or a third-party's — for diagnostics), use our port checker. Enter a domain and a port number — results arrive in 1-2 seconds.

Check port 21 →

Security

An open port is a potential attack vector. General rules:

  • Close everything you don't use (firewall default-deny)
  • For admin ports (22 SSH, 3389 RDP, 3306 MySQL) — IP whitelist or VPN
  • Base cases: 80+443 open for web; 22 — from work/VPN only; DB ports — loopback only
  • Use fail2ban for SSH/admin panels

Related guides

ICMP PingHost availability and latency
Port ScannerOpen TCP port detection
LatencyResponse time in milliseconds
Packet LossPercentage of dropped packets

Why teams trust us

ICMP+TCP
check protocols
14
key ports scanned
<2s
result
3
regions

How it works

1

Enter IP or domain

2

ICMP packets sent

3

Latency & packet loss shown

How Do Ping and Port Scanning Work?

Ping sends ICMP packets to a host and measures response time. Port scanning checks which TCP ports are open and accepting connections — helping diagnose serviceavailability issues.

Configurable Ping

Choose packet count (3, 4, 6, 10). Stats: min/avg/max latency and packet loss.

Common Port Scanner

Check 14 key ports: HTTP, HTTPS, SSH, FTP, SMTP, MySQL, PostgreSQL, and more.

Cloud-Based Check

Testing from our server — see site availability from outside, not just your local network.

Uptime Monitoring

Need constant monitoring? Create a monitor — checks every minute with notifications.

Who uses this

DevOps

availability diagnosis

Network engineers

TCP port scanning

Developers

connection debugging

SRE

basic health check

Common Mistakes

ICMP blocked = server is downMany servers block ICMP. Ping fails but site works — check ports instead.
High ping = server problemLatency depends on geography. 150ms between continents is normal, not an error.
Closed ports — cause for alarmClosed ports of unused services are good. Unnecessary open ports are a risk.
One check = sufficientNetworks are unstable. A single timeout ≠ a problem. Check multiple times or set up monitoring.

Best Practices

Combine ping and port checksPing shows host availability, ports show specific service availability. Use both.
Check from different locationsThe problem may be local. A cloud test shows the real picture.
Close unused portsEvery open port is a potential attack vector. Keep only necessary ports open.
Set up monitoringManual checks do not scale. Set up automated monitoring with notifications.

Get more with a free account

Ping check history, host availability monitoring and downtime alerts.

Sign up free

Related tools

TracerouteDNS LookupWHOISSSL Check

Learn more

Research

Alternatives

Frequently Asked Questions

Why close port 21?

Every open port is an attacker's entry point. If the service is not used (or uses a different port), close it to minimise attack surface.

How to check port 21 without Enterno.io?

From a local machine: <code>nc -zv hostname 21</code> or <code>telnet hostname 21</code>. The online checker is simpler — from different IPs, one click.

Start monitoring for free

Sign up and get access to API, monitoring and notifications

Create Account API Documentation