FTP Access Changes
Wednesday, 2nd October, 2013 - 12:05pm
Recently we made some security changes that affect FTP access to your web server. FTP is an insecure protocol because it passes logins and passwords insecurely over the Internet. In order to maintain the highest security standards and to continue to provide PCI compliance, we have implemented the following necessary changes.
You must use Explicit FTP over TLS in Passive Mode.
Most modern FTP clients support this option, though some older FTP clients and web development tools such as Dreamweaver and Contribute may not support this added layer of security.
What should you do if you cannot access your website after making the changes above? You may have been temporarily blocked by the server's firewall. Please submit your IP address via a help desk ticket and we will be happy to remove the block.
Not sure how to find out what your IP address is? Simply go to google.com and type "what is my IP" and it will provide it for you.
What if my FTP client or Web development tool does not support this protocol? You can reach out to the software provider to see if an upgrade or update is necessary to support this level of security.
We can recommend a free FTP client: FileZilla - https://filezilla-project.org/ - which provides the security settings required to FTP files to your web server.
TLS is a means of encrypting data using a public/private key pair. This is the same technology that provides secure web browsing (HTTPS). When you purchase an item from a website, at checkout you are usually taken to a secure site, indicated by the HTTPS in the browser's location bar and by the padlock icon in the bottom status bar of your browser. FTPeS is basically the same thing. FTPeS uses the same type of technology to encrypt your login credentials as you log into the FTP server. This prevents anything that might be listening on your connection from reading your username and password. Regular FTP passes this information across your connection in plain text, so if someone were sniffing your connection, they could easily obtain your username and password.
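To check a client's session against the two requirements above (TLS negotiated before login, and passive mode), the following added example, which is not part of the original notice, audits the control-channel commands a client logged. The `C:`/`S:` transcript format, the sample sessions and the function name are constructed for illustration.

```python
# Constructed transcripts in "C:" (client command) / "S:" (server reply) form,
# as an FTP client's session log would record them.
PLAIN_ACTIVE = """\
S: 220 FTP server ready
C: USER alice
S: 331 Password required
C: PASS ********
S: 230 Logged in
C: PORT 192,0,2,10,195,80
S: 200 PORT command successful
"""

FTPES_PASSIVE = """\
S: 220 FTP server ready
C: AUTH TLS
S: 234 AUTH TLS successful
C: USER alice
S: 331 Password required
C: PASS ********
S: 230 Logged in
C: PASV
S: 227 Entering Passive Mode (192,0,2,20,195,81)
"""


def audit_session(transcript):
    """Return a list of findings; an empty list means the session complied."""
    findings = []
    tls_on = False   # True once the server accepts AUTH TLS with a 234 reply
    pending = ""     # verb of the last client command still awaiting a reply
    for raw in transcript.splitlines():
        side, _, text = raw.strip().partition(": ")
        words = text.split()
        if side == "C" and words:
            pending = words[0].upper()
            if pending in ("USER", "PASS") and not tls_on:
                findings.append(f"{pending} sent in plain text before TLS")
            elif pending in ("PORT", "EPRT"):
                findings.append(f"{pending} requests active mode")
        elif side == "S":
            # Explicit mode: encryption starts only after a 234 to AUTH.
            if pending == "AUTH" and text.startswith("234"):
                tls_on = True
            pending = ""
    if not tls_on:
        findings.append("AUTH TLS was never accepted by the server")
    return findings
```

A session in which the server rejects `AUTH TLS` and the client logs in anyway is also reported, because the credentials then travel unencrypted.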