Categories

12
CGI and PHP scripting
 41
Cpanel Hosting Questions
 1
DirectI Questions
 28
Domain Names & DNS
 2
E-Commerce Hosting
 41
Email Questions
 24
FTP Questions
 12
Getting Started
 2
Linux Questions
 25
MySQL Questions
 41
Plesk
 1
Search Engine
 1
Site Builder Help
 6
Usage Policy
 19
WHM Questions
 34
WHMCS Questions

  Categories

  Support

  My Support Tickets   Announcements   Knowledgebase   Downloads   Network Status   Open Ticket

FTP Security --Securing your site. Print

  • 0

Securing FTP transfers can be done using several methods. FTP was not designed as a secure protocol. This being said, it is always a good idea to take steps towards ensuring your site’s security! Below I’ll go over a couple of easy ways to keep your ftp transfers secure.

 

Creating ftp.allow/deny files.

 This method is used when you are hosting on a Linux server. When ever a ftp session is started, the ftp client searches the home directory for an ftp.allow to see if the IP address your are connecting from is allowed in. If your IP address is permitted or on the allow list then you are allowed to connect. If this ftp.allow file is not found however then another check is performed. This next check looks for a file name ftp.deny. If your IP address is found on this ftp.deny file you are not able to connect.

 

These files must be created as they are not present by default. Below I’ll go through the steps to create these files.

 1.  Access your customer control panel.

 2. Choose File Manager.  This will take you to the home directory via webshell

 3. While in the home directory click on the File option

 4. OK so now you get to choose which IP addresses are to be allowed ftp access.  Each IP address will need to be on a separate line.  Say you only want to allow your home address for example. To do this you would only have one line with your home IP address. If you do not know your current IP address click here.(https://www.whatismyip.com/) Change the name to ftp.allow. Then you’ll add your allowed IP addresses. After making a line for each IP click the save button.

 

5. Next repeat step 3. This time we are changing the file name to ftp.deny. This time in the body of the text you’ll add a line for each IP you want to block. Be sure to save.

If you wanted to block ALL IP addresses that are not on the ftp.allow list make your ftp.deny file.

If you were to block a specific set of IP addresses you can also do the same.

 

Now if your on a Windows server the process is almost identical. The only difference being you only need one file. This file is known as a .winftpaccess file

 

Was this answer helpful?

Related Articles

Can I use FTP before my domain has propagated? Yes you can. To do this you must use your IP  from your setup email as the FTP address.... Do you support anonymous FTP ? No, for security purpose we do not support anonymous FTP. How do I connect and upload via FTP with Dreamweaver ? Step 1: Open DreamWeaver. Click on Site and choose Manage Sites. Step 2: Click the New button... I just uploaded something and I can't see it! What's going on?? Once in a while, when you've just uploaded a file via FTP, it won't show up on the list of files... What are all these directories I see in my account? /home/username/public_html is where you place your web files. Anything you place in this...
« Back

  Support

  My Support Tickets   Announcements   Knowledgebase   Downloads   Network Status   Open Ticket