If you have problems establishing an FTP connection to a domain that is protected by CloudFlare, That’s because CloudFlare will only proxy traffic going through specific ports; standard FTP ports are not included. Here’s how you can work around that in order to connect to your FTP server:
Option 1: Connect to the IP (preferred)
Connecting to the IP means you are bypassing CloudFlare’s protection which happens at the DNS level. As such, you will have no issues connecting via IP through your terminal (ftp 1.2.3.4) or using your FTP client of choice.
Option 2: Create a grey-clouded record for your FTP that’s on the same IP as your webserver
If Option 1 doesn’t satisfy you, and you’re not overly worried about your site being attacked, or attackers finding out your IP address, you could simply create a DNS record that has CloudFlare turned off.
The root domain also points to the same server (both point to 1.2.3.4), which means that attackers can easily find your server’s IP address and bypass CloudFlare’s protection. If you attempt a configuration like this, we will inform you about the security risk with an orange exclamation mark, as seen on the image above.