Secure FTP (SFTP) Using a Secure FTP Client

Get the Edge

Secure FTP (SFTP) Using a Secure FTP Client

Secure FTP (SFTP) for fast easy file transfer is hard to beat. Basic FTP however is not secure and all transmissions are in clear text. Before the widespread deployment of wifi, intercepting these data packets required a determined hacker with the means to intercept this traffic between point A (e.g. your computer) and point B (e.g. your hosting site). This is known as packet sniffing. The intercepted packets of data are clearly readable. With wifi and hotspot access becoming ubiqutous, it’s now fairly trivial for hackers to grab your data stream which could contain potentially sensitive information such as your username and password.

The good news is that it’s easy to prevent this or at least make it more difficult by using secure FTP. The following examples explain how to configure FileZilla and WinSCP as secure FTP clients connecting to a shared account on Hostgator. Check with your web host for availability, ports and possible cost. For example: secure FTP (SSH enabled) on a Hostgator shared account is free but on LunarPages it costs $2/mth IF you’re on a server that supports SSH.

NOTE: If you have a HG VPS or dedicated server account, you can further enhance security by using SSH Keys and disabling username and password authentication for your SSH connections. Here is a tutorial that will step you through the process: https://support.hostgator.com/articles/specialized-help/ssh-keys.

For this example we will configure a secure FileZilla site profile.

IMPORTANT: If you are on a shared account, you MUST use your cPanel user/password in order to use SFTP otherwise you will have to use plain FTP.  If you must grant FTP access then be sure to set the Directory (cPanel>FTP accounts>Add FTP Account) path to ONLY the required domain and/or folder to limit your exposure.

How to configure FileZilla as a secure FTP (sftp) client

Secure FTP (sftp) using SSH

Step 1: Enable SSH (secure shell)

Verify with your web hosting provider that SSH is enabled for the domain that you want to connect to via SFTP. For Hostgator call support and they will enable SSH. If you have a Hostgator shared hosting account with a primary and addon domains, enabling SSH on your primary domain also enables SSH for your addon domains.
Confirm with support which port SFTP will be using. For Hostgator shared accounts this is port 2222. If you have a VPS or dedicated server this will be port 22, however you can and should change the port to something less well known.

Step 2: Configure a secure FTP (SFTP) site profile

Open FileZilla and create a new site. Give your site a name.
For the Host field you can use either the ip address of your server or
your domain name.
Fill in the port with the port number you obtained from your webhost.
Change the Server Type to SFTP – SSH File Transfer Protocol.
Change the Logon Type to Normal.
Enter your cPanel username and password.
You can now click OK to save or Connect to connect to your site.
Test your connection and if successful any future connections through this site profile will be encrypted.

Secure FTP | FileZilla

For this example we will configure a secure WinSCP session profile.

How to configure WinSCP as a secure FTP client

Secure FTP using SSH

Step 1: Enable SSH (secure shell)

Verify with your web hosting provider that SSH is enabled for the domain that you want to connect to via SFTP. For Hostgator call support and they will enable SSH. If you have a Hostgator shared hosting account with a primary and addon domains, enabling SSH on your primary domain also enables SSH for your addon domains.
Confirm with support which port SFTP will be using. For Hostgator shared accounts this is port 2222. If you have a VPS or dedicated server this will be port 22, however you can and should change the port to something less well known.

Step 2: Configure a secure FTP (SFTP) session profile

Open WinSCP and create a new session.
For the Host field you can use either the ip address of your server or
your domain name.
Fill in the port with the port number you obtained from your webhost.
Enter your cPanel username and password.
Make sure that the File Protocol is SFTP.
You can now click Save or Login to connect.

Secure FTP | WinScp

Use secure FTP (SFTP) for secure file transfers and you’ll sleep better knowing that you’ve taken another step to protect your business.

Need help with a hacked site? Go here: Sucuri.net

Download this article, Secure FTP (SFTP) Using a Secure FTP Client, in pdf format.

CloudFlare Cloudflare Warp · Jump on the Internet fast lane by installing the WARP app. It's free and protects you from malware and Internet spies! #1dot1dot1dot1 1.1.1.1 — The free app that makes your Internet faster and safer. CloudFlare Warp+
Liquid Web Storm VPS

eclincher

eclincher social media management platforHarness the power of social media with the eclincher professional grade social media management platform.