FTP Security :: Harden Your FTP Server


What follows is a series of articles discussing website security and how to make your website more secure. Before there was the Web, there were hackers. Hackers have always been in the mix, and the birth of the World Wide Web gave them another playground to spoil. But if one is careful and vigilant, one can defend oneself against hackers. This first article focuses on FTP security.


It is of critical importance to maintain FTP security in order to prevent unauthorized access by third parties like hackers. If a hacker gains access to your FTP server, they can cause many problems:


1. Wipe your server: delete files, databases, and content.
2. Gain access to privileged content like passwords (root server passwords and client passwords), client data, and content.
3. Install a rootkit: a collection of software, typically malicious, designed to enable access to a computer or areas of its software that would not otherwise be allowed (for example, to an unauthorized user) while masking its own existence or the existence of other software.


But they can do even more damage than that. This is avoidable, and we provide some tips to keep your FTP server locked down:


1. Change your password on a regular basis. For example, change your FTP password monthly, or when you suspect that your server has been hacked. When choosing a password, choose a strong password: a random alphanumeric password which also contains special characters. A good tool to generate strong passwords is our PassMeter Tool: https://www.password-sentry.com/passmeter/
2. If you provide FTP access to a third party, make access temporary. After they are done, delete the FTP account ASAP. And, grant them access only to the directory(ies) they are working in.
3. Use an IP whitelist. Grant FTP access only on the basis of IP address.
4. Use SFTP instead of FTP. Unlike standard File Transfer Protocol (FTP), SFTP encrypts both commands and data, preventing passwords and sensitive information from being transmitted in the clear over a network.
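The four tips can be checked mechanically against an account inventory. The following is an added example, not code from the original article: the `Account` fields, the 30-day reading of "monthly", and the sample accounts and address ranges are all assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import date
from ipaddress import ip_address, ip_network
from typing import Optional

MAX_PASSWORD_AGE_DAYS = 30  # tip 1: "monthly" read as 30 days (assumption)

@dataclass
class Account:  # hypothetical inventory record, not a real server's format
    name: str
    protocol: str               # "ftp" or "sftp"
    root_dir: str               # directory the account is confined to
    password_changed: date
    third_party: bool = False
    expires: Optional[date] = None

def ip_allowed(ip, allowlist):
    """Tip 3: accept a client only if its address is inside an allowed network."""
    addr = ip_address(ip)
    return any(addr in ip_network(net) for net in allowlist)

def audit(accounts, today):
    """Return (account name, finding) pairs for every tip an account violates."""
    findings = []
    for a in accounts:
        if (today - a.password_changed).days > MAX_PASSWORD_AGE_DAYS:
            findings.append((a.name, "password older than 30 days"))
        if a.third_party and a.expires is None:
            findings.append((a.name, "third-party account has no expiry date"))
        if a.third_party and a.expires is not None and a.expires < today:
            findings.append((a.name, "expired third-party account not deleted"))
        if a.third_party and a.root_dir.rstrip("/") == "":
            findings.append((a.name, "third party not confined to a directory"))
        if a.protocol != "sftp":
            findings.append((a.name, "plain FTP sends credentials in the clear"))
    return findings

# Constructed sample data (documentation address ranges, made-up accounts).
ALLOWLIST = ["203.0.113.0/28", "198.51.100.7/32"]
ACCOUNTS = [
    Account("webmaster", "sftp", "/var/www", date(2024, 5, 20)),
    Account("agency", "ftp", "/", date(2024, 1, 10), third_party=True),
    Account("designer", "sftp", "/var/www/theme", date(2024, 5, 25),
            third_party=True, expires=date(2024, 5, 31)),
]

if __name__ == "__main__":
    for name, finding in audit(ACCOUNTS, date(2024, 6, 1)):
        print(f"{name}: {finding}")
    print(ip_allowed("203.0.113.5", ALLOWLIST), ip_allowed("192.0.2.44", ALLOWLIST))
```
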


I recommend you utilize all the tips. An FTP server cannot be too secure.
