Enabling TLS on Common FTP Software
In today's world with a high magnitude of scripts automatically set to sniff for password data, there is a high demand for always using https on web sites. In the same way, we believe FTPS should be enforced for all FTP transactions.
In this wiki we go through the steps to enable FTPS/TLS on popular and less common FTP clients.
Enabling TLS on Popular FTP Software
- Open your FileZilla client, then click 'File'->'Site Manager'.
- In the Site Manager window, click 'New Site'.
- Input the FTP server information from your service's welcome e-mail.
- Under 'Encryption', select the 'Require Explicit FTP over TLS' option from the drop-down.
- Change the 'Logon Type' to 'Normal'.
- Enter your FTP account's 'Username' and 'Password'.
- Click 'OK' to save this connection.
- To connect, open 'Site Manager', or click the drop-down arrow next to the 'Site Manager' icon.
Please note: FileZilla does not trust any SSL certificate as valid automatically, even when the SSL certificate was signed by a trusted source (as our certificate is). The developers of FileZilla believed that it is up to individual users to decide if they will accept the certificate.
- Open the WinSCP client
- Create a new site or edit an existing site
- Change the File protocol to "FTP"
- Change the Encryption to "TLS Explicit encryption"
- Change the Host name to your domain (Example: yourdomain.com)
- Change the Port number to 21
- Change the User name to your FTP username
- Change the Password to the password that corresponds with your FTP username
- Click the Save button
- Click the Login button to connect
Below is an image of the WinSCP Session window for reference:
Below is an example FTP over SSL/TLS setup for Dreamweaver version 6.0 and above. Dreamweaver versions prior to CS5.5 do not allow for secure FTP. If you are in this situation, you will be required to use an external FTP program such as FileZilla.
- Open up Firefox and click on Tools > Web Developer > FireFTP
- Click on the "Main" tab. Set up your FTP connection as usual:
- Next, click on the Connection tab. Select the "Security" drop-down and then click "Auth TLS".
- Click File > "New Connection"
- Set the "Protocol" Field to "FTPS (Explicit)"
- Fill in the following fields:
- Click 'OK' to connect.
- On the main menu, click File > New > FTPS with TLS/SSL (AUTH TLS - Explicit) Site.
- Under the 'General' tab, enter the following:
- Click the 'Type' tab at the top when the above information has been filled in.
- Select 'FTP with TLS/SSL (AUTH TLS - Explicit)' on the 'Protocol Type' drop-down. Leave the rest of the information as default.
- Click 'Connect'. When prompted, accept the SSL certificate.
- Click 'Sites' > 'Site Manager'
- Click 'New Site' at the bottom left of the new window.
- Choose a name for your site and click 'OK'.
- Under 'Connection Type:' select 'FTP using Explicit SSL (Auth TLS)'.
- In the 'Address' box, type the URL of your site or the IP of the server (either will work).
- Enter the following:
- Click 'Apply', then 'Connect'.
- Click File > Connect.
- Click 'New Site' at the top-left.
- Any other information is optional.
- Click 'Connections' > 'New Connection...'
- Choose a name for the connection.
- Under 'Connection Type:', select 'FTP/SSL (AUTH SSL)'.
- In the 'Server Address:' field, enter in the URL of your site or the IP of the server. (?)
- Username: Your cPanel username. (?)
- Password: Your cPanel password. (?)
- Click Finish.
- Click 'Connections' > 'Site Manager'.
- Click 'Edit' next to the site you would like to modify.
- Click 'Advanced', then change the 'Server Type' dropdown to 'FTP/SSL (AUTH SSL)'.
- Click OK.
Core FTP LE
- Click File->Connect.
- Enter the following:
- Click Connect.
FTPSurfer does not support FTP over explicit SSL at this time. Please use an alternate FTP client.
Expression Web 4
Expression Web 4 does not support FTP over TLS, however it will support FTPS requests using port 990.
Server information can be found in your Hostek.com welcome e-mail that you receive upon purchasing a service with Hostek. If you are missing this e-mail or any log-in information, please submit a ticket via https://support.hostek.com and we'd be glad to send it once more.