The File Transfer Protocol, or FTP, is used to transfer files between a client and a server. That is, you can use FTP to copy files to and from your computer and your server.
You can use cPanel’s FTP Accounts option to manage FTP accounts. You may not have to do so though, as two so-called “special” FTP accounts are created automatically:
The two special FTP accounts are always linked to your cPanel account. When you change your cPanel password the password for the special accounts are automatically updated. Also, it is not possible to delete the special FTP accounts.
There are various reasons why you might want to create additional FTP accounts. For instance, you might want to give your web developer access to your website files without giving him or her access to the control panel. Creating an FTP account is easy but there are a few things you need to be aware of.
One common issue is that new FTP user can connect but can’t see any files. This happens when you accept the default home directory for new FTP users. In a way, creating FTP accounts in cPanel is too easy. You only need to pick a user name and password. cPanel automatically give the FTP user a home directory, so that should be it, right?
Image: Creating an FTP account for firstname.lastname@example.org).
The answer is ‘no’. In the above example I am creating an FTP account for the user email@example.com and the user’s directory is automatically set to /home/example/public_html/example.net/webdev. In most cases, that is not what you want. The user won’t be able access anything below the directory. That includes the public_html directory, and so the web developer won’t be able to access the website files.
It is usually best to change the directory to the public_html directory. That gives the user access to the website files, but not to for instance the mail folder (which contains your emails).
FTP accounts you create are listed on the FTP Accounts page. There are a couple of actions you can perform on FTP accounts:
Image: managing existing FTP accounts.
For the most part these options are self-explanatory. But, there is one other thing to be aware of. When you delete an FTP account you got the option to also delete the user’s home directory. Don’t select this option if you changed the FTP user’s directory to the public_html folder. Deleting the user would also delete all your website files.
The configuration files you can download contain the settings for the FTP user. When you open the file in your FTP client it should automatically configure the account. In FileZilla, you can open configuration files via File » Import….
The file does not include the FTP password. When you import the file it adds the FTP account to the list of accounts. You are prompted for the password when you connect to the server.
Also, by default the host name is ftp.[your-domain]. That works if there is an A record for the ‘ftp’ subdomain that points your server. If the DNS for your domain is managed elsewhere then you might want to use the server’s hostname or IP address instead.
You are not limited to using FileZilla, CoreFTP or Cyberduck; you can use any FTP client to connect to the server. The main restriction is that your FTP client needs to have support for current TLS (encryption) standards. If your FTP client is up to date then that won’t be an issue. However, if you get errors messages that mention SSL or TLS, feel free to contact us and we will look into the issue.
Most FTP clients ask for three bits of information when you configure an FTP account:
You can usually leave the port number blank. If you need to enter a port number, use port 21. The type of encryption should specify that you are using TLS. In FileZilla, you can use Require explicit FTP over TLS.
Image: setting up our new FTP user in FileZilla.
When you first connect to the server your FTP client is likely to ask if you want to trust the server’s SSL certificate. This doesn’t indicate an error. It just means that your FTP clients doesn’t know about the server, and it therefore wants you to check if the certificate is trustworthy. The certificate details should show the name of the server you are connecting to. You normally only have to accept a certificate once.
Image: FileZilla has connected to the server.
By far the most common FTP errors are authentication failures and SSL/TLS errors. An authentication error happens when the FTP host name, user name and/or password is incorrect. If you run into an authentication error, tripple-check that the settings you entered are correct.
SSL/TLS errors are, as mentioned, often the result of not using a secure connection type. You may need to change the type of encryption in your FTP client. If you use a legacy FTP client that doesn’t have support for TLS 1.2 then you can try using another FTP client, such as FileZilla.
There are many less common FTP errors. One thing that might be worth checking is whether or not your FTP client uses passive mode (which is the recommended setting – it can prevent firewall-related issues). Another possibility is that the server has blocked your IP address. That can happen if there have been too many authentication errors in a short period of time. Please contact us if you get stuck – we are always happy to help.