May

23
2004

Explain FTP and the Secure Web Server

As a former host and someone who manages both a semi-public linux server as well as Windows servers at work, let me ask a question. How does an enterprise claim security in their systems when they allow their users to use FTP to transfer files? The tried and true method of moving files to the internet for use on the web is File Transfer Protocol. Well, it’s tried anyways. The fact is that FTP broadcasts username and password in plaintext. People are getting sold a bill of goods if they believe they can’t get hacked, their sites can’t be exploited, they are on a “secure” web server when FTP is running. The same can be said of Telnet but thankfully, telnet is generally disabled.

So what to do about FTP? The answer? SFTP, or Secure File Transfer Protocol. Not a new technology. Just more unknown and uncommon. It is FTP over Secure Shell protocol. The same way users would login to the commandline of their linux web hosting is the same protocol that SFTP works on.

Next time you work on a website, try SFTP instead of FTP. You’ll find that your site is less likely to be hacked.

Cheers.
Aaron

Stumble it!

About the Author: Aaron Brazell is the lead editor of Technosailor.com and a social media expert. His passion is to see companies and individuals use the internet and web technologies wisely and effectively to promote their brands and companies. He is Business Development Manager for Lijit and he worked as Director of Technology at b5media from 2005-2008 and is currently an independent consultant.

Tagged: at 7:29 pm -

Viewing 5 Comments

Rad S. 4 years ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

You could speed up that code by using =& instead of = when assigning those data variables (title, artist, album, etc..)

http://yayforgecko.net/

Aaron 4 years ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

Good call. Fixed…

http://www.emmense.com

Stacie 4 years ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

5 years ago, I began taking classes to be a web designer - and I wanted to do the neat stuff like Flash. However, I got a job as a government contractor and found myself working on Section 508 websites. I thought that it would stifle my creativitiy until I learned that much of accessibility is following best practices for HTML, CSS, etc. If you compare W3C and Section 508 guidelines, many are identical. And as we enter the age of handhelds, it's becoming more important for people to design for all mediums. Even those with a lap top and no mouse can have issues navigating many websites.

I am still torn between creativity and Section 508, but I have found that following simple coding standards eliminates many accessibility issues.

http://www.staciecdembeck.com

Cheah Chu Yeow 3 years ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

The comments don't make sense. Seems like something's messed up.

Anyway, SFTP isn't really FTP. It's really just a wrapper around scp. But nice recommedation. I often don't run a FTP daemon by default.

http://blog.codefront.net/

Aaron 3 years ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

probably something lost in the Textpattern to Wordpress upgrade a few months ago. The entry is 5 months old so I think I'll let it pass.

http://www.technosailor.com

blog comments powered by Disqus

License Creative Commons Attribution-Noncommercial-Share Alike 3.0 | Copyright © 2004 - 2008 - Aaron Brazell | Lisa helped out | Privacy Policy

Twitter Pitch!
<p>Twitter pitching is a form of pitch that requires succint "what does this mean for me" kind of pitching. It is the ultimate efficiency of words. You have 140 characters or less to tell me why your pitch matters to me or my readers. Please include a means of contacting you. This is included in your 140 characters. If you send successive pitches, you will likely be ignored, unless it's obvious that the first pitch was a case of "accidental send", etc.</p> <p>This form of pitching does not mean I'm being a diva. It means that my time is valuable, and you want a piece of it. It's good practice for you, and delivers your pitch in a format I want. Win-win.</p>
Pitch (characters remaining: ):
What does 7 + 5 equal?

(X) Close

Twitter Pitch Me!

Explain FTP and the Secure Web Server

Viewing 5 Comments

Recent Posts

Recent Comments

Twitter Pitch!

Explain FTP and the Secure Web Server

Viewing 5 Comments

Recent Posts

Recent Comments

Tags

Twitter Pitch!