: What is the operating system on your server? Do you have a dedicated server, or are you on a shared hosting? If you have a dedicated server and it's OS is GNU/Linux or Unix like (BSD,
What is the operating system on your server?
Do you have a dedicated server, or are you on a shared hosting?
If you have a dedicated server and it's OS is GNU/Linux or Unix like (BSD, MacOS), you must shut down your FTP server, and use SSH instead of it to put file on it:
FTP is a very bad protocol, because it's totally unencrypted. Actually, most FTP client (like FileZilla, who is free for Windows, GNU/Linux and MacOS X) support SSH for file transfer, so why keep a week and unencrypted service open?
You cans also use WinSCP for this.
It's just a other door to try for cracker, sniffing your network for login/password and files, or for brut force attacks.
if you are on a shared hosting, it seems that you don't have the choice: ask the support of your provider about it, but few of them let you use SSH instead of FTP, and even you can use SSH (like some hosting plan with 1and1), the FTP service will always work for you as for the others customers.
At this point, you must be aware of one thing : shared hosting who permit both SSH and FTP often use same login/password for the two protocols!
So, NEVER user FTP in this case, because you can reveal your SSH login at this occasion to anyone listening the traffic between you and your server.
If you are under Windows environment, then, try FTP with SSL, it's better than nothing.
You can also install a Cygwin environment with an SSH server. It's a bit complicated to do it properly, without creating new vulnerabilities, but when it's properly done, it's the better option in this case IMHO!
More posts by @Pierce454
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.