- To ensure account security by requiring logins to go through a secure connection and rejecting any logins that are not on a secure connection. Network connections can be monitored (sniffed) for logins and this is especially true for hotspots.
- To ensure PCI security standards requirements of any control channel being encrypted/secure
Most FTP clients support FTPS and for those that do not, you should ask the developer for support. When using FTPS, make sure to select one of the following options if given:
- FTP over SSL
- FTPS
- FTP over SSL (explicit)
FTPS is different then SFTP (shell/secure ftp) as SFTP requires a shell/ssh user and uses port 22 to connect and we currently do not support this setup on our shared servers.
The port for FTPS is the normal port for ftp: 21
Some programs, like Filezilla, require you to create an entry in their site / ftp / bookmark manager before you can select FTPS options.
FTP Clients known to work with FTPS:
- Filezilla (latest) -- tested
- Cyberduck -- tested
- Transmit (best option for Mac OS X) -- tested and used personally by staff
- Dreamweaver CS 4 -- no options for FTPS
- Frontpage (newer versions may work, but not tested) -- no options for FTPS
- NetBeans -- no options for FTPS
- Cutefp - see http://www.globalscape.com/support/genusage6.aspx for fix
Filezilla usage of FTPS:
- Go to File -> Site Manager
- If you do not have a site yet, click "New site"
- With your site selected, enter the same information you would have used for quick connect
- Under the "Encryption" popup menu, select FTP over explicit SSL
- Save the new/existing site and try to connect.
Transmit:
- On the connect to ftp server window, select "FTP with TLS/SSL"
- If you have any saved favorites, just update the same setting for them.
CyberDuck:
- Under the open connection window, select "FTP-SSL (Explicit AUTH TLS)" and update any bookmarks with the same setting
Other FTP Clients:
Most other ftp clients have similar settings, though they maybe in different locations. Most times it will be in the same location as the server address and user login info.