Managing FTP accounts in cPanel

Call Us 0800 107 7979

Service Status

Back to knowledgebase

Last updated: 30 March 2021

The File Transfer Protocol, or FTP, is used to transfer files between a client and a server. That is, you can use FTP to copy files to and from your computer and your server.

Special FTP accounts

You can use cPanel’s FTP Accounts option to manage FTP accounts. You may not have to do so though, as two so-called “special” FTP accounts are created automatically:

The first account uses the same user name and password you use to log in to cPanel.
The second account can be used to download log files.

The two special FTP accounts are always linked to your cPanel account. When you change your cPanel password the password for the special accounts are automatically updated. Also, it is not possible to delete the special FTP accounts.

Creating a new FTP account

There are various reasons why you might want to create additional FTP accounts. For instance, you might want to give your web developer access to your website files without giving him or her access to the control panel. Creating an FTP account is easy but there are a few things you need to be aware of.

One common issue is that new FTP user can connect but can’t see any files. This happens when you accept the default home directory for new FTP users. In a way, creating FTP accounts in cPanel is too easy. You only need to pick a user name and password. cPanel automatically give the FTP user a home directory, so that should be it, right?

Image: Creating an FTP account for webdev@example.net).

The answer is ‘no’. In the above example I am creating an FTP account for the user webdev@example.net and the user’s directory is automatically set to /home/example/public_html/example.net/webdev. In most cases, that is not what you want. The user won’t be able access anything below the directory. That includes the public_html directory, and so the web developer won’t be able to access the website files.

It is usually best to change the directory to the public_html directory. That gives the user access to the website files, but not to for instance the mail folder (which contains your emails).

Editing FTP accounts

FTP accounts you create are listed on the FTP Accounts page. There are a couple of actions you can perform on FTP accounts:

Change the password
Change the quota (that is, the amount of bandwidth the FTP user may use)
Delete the account
Download a configuration file for three common FTP clients: fileZilla, CoreFTP and Cyberduck

Image: managing existing FTP accounts.

For the most part these options are self-explanatory. But, there is one other thing to be aware of. When you delete an FTP account you got the option to also delete the user’s home directory. Don’t select this option if you changed the FTP user’s directory to the public_html folder. Deleting the user would also delete all your website files.

Configuring FTP clients

The configuration files you can download contain the settings for the FTP user. When you open the file in your FTP client it should automatically configure the account. In FileZilla, you can open configuration files via File » Import….

The file does not include the FTP password. When you import the file it adds the FTP account to the list of accounts. You are prompted for the password when you connect to the server.

Also, by default the host name is ftp.[your-domain]. That works if there is an A record for the ‘ftp’ subdomain that points your server. If the DNS for your domain is managed elsewhere then you might want to use the server’s hostname or IP address instead.

General settings

You are not limited to using FileZilla, CoreFTP or Cyberduck; you can use any FTP client to connect to the server. The main restriction is that your FTP client needs to have support for current TLS (encryption) standards. If your FTP client is up to date then that won’t be an issue. However, if you get errors messages that mention SSL or TLS, feel free to contact us and we will look into the issue.

Most FTP clients ask for three bits of information when you configure an FTP account:

The host name you are connecting to. As mentioned, this is often the FTP subdomain (i.e. ftp.example.com) but it can also be the server’s hostname or the server’s IP address.
The user name. The FTP user I created is webdev@example.net, so that is the user name. If you connect using your main cPanel account then the user name is your cPanel user name.
The password. This is the password you chose when you created the FTP account. Or, if you are connecting using your main account then this is your cPanel password.

You can usually leave the port number blank. If you need to enter a port number, use port 21. The type of encryption should specify that you are using TLS. In FileZilla, you can use Require explicit FTP over TLS.

Image: setting up our new FTP user in FileZilla.

SSL warnings

When you first connect to the server your FTP client is likely to ask if you want to trust the server’s SSL certificate. This doesn’t indicate an error. It just means that your FTP clients doesn’t know about the server, and it therefore wants you to check if the certificate is trustworthy. The certificate details should show the name of the server you are connecting to. You normally only have to accept a certificate once.

Image: FileZilla has connected to the server.

Common FTP errors

By far the most common FTP errors are authentication failures and SSL/TLS errors. An authentication error happens when the FTP host name, user name and/or password is incorrect. If you run into an authentication error, tripple-check that the settings you entered are correct.

SSL/TLS errors are, as mentioned, often the result of not using a secure connection type. You may need to change the type of encryption in your FTP client. If you use a legacy FTP client that doesn’t have support for TLS 1.2 then you can try using another FTP client, such as FileZilla.

There are many less common FTP errors. One thing that might be worth checking is whether or not your FTP client uses passive mode (which is the recommended setting – it can prevent firewall-related issues). Another possibility is that the server has blocked your IP address. That can happen if there have been too many authentication errors in a short period of time. Please contact us if you get stuck – we are always happy to help.

Featured Blogs

Exploring the Costs Associated With a Website

What our clients say

catalyst2 support people know their environment and how to manipulate it to the customers advantage.

Mark Hamilton, Filter Solutions

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.

Necessary

Always Enabled

Functional

Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.

Cookie	Duration	Description
bcookie	2 years	LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser ID.
bscookie	2 years	LinkedIn sets this cookie to store performed actions on the website.
lang	session	LinkedIn sets this cookie to remember a user's language setting.
lidc	1 day	LinkedIn sets the lidc cookie to facilitate data center selection.
UserMatchHistory	1 month	LinkedIn sets this cookie for LinkedIn Ads ID syncing.

Performance

Analytics

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gat_gtag_UA_5562310_11	1 minute	Set by Google to distinguish users.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
CONSENT	2 years	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.

Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.

Cookie	Duration	Description
_fbp	3 months	This cookie is set by Facebook to display advertisements when either on Facebook or on a digital platform powered by Facebook advertising, after visiting the website.
fr	3 months	Facebook sets this cookie to show relevant advertisements to users by tracking user behaviour across the web, on sites that have Facebook pixel or Facebook social plugin.
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.

Others

Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.

Cookie	Duration	Description
_ashkii	session	No description available.
_wicasa	3 months	No description available.
AnalyticsSyncHistory	1 month	No description
cookid	3 months	No description available.
cookietest	session	No description
crisp-client/domain-detect/1644827320973	session	No description
crisp-client/domain-detect/1644827348275	session	No description
crisp-client/domain-detect/1644827428415	session	No description
crisp-client/domain-detect/1644827479357	session	No description
crisp-client/domain-detect/1644827596454	session	No description
crisp-client/domain-detect/1644827724838	session	No description
crisp-client/domain-detect/1644827824383	session	No description
crisp-client/domain-detect/1644827878659	session	No description
crisp-client/domain-detect/1644828716243	session	No description
crisp-client/domain-detect/1644828846246	session	No description
crisp-client/domain-detect/1644829369013	session	No description
crisp-clientsession30cc6953-ebcf-4bc6-b649-c44eb446409e	6 months	No description
dbmFP	3 months	No description available.
dbmPK	3 months	No description available.
li_gc	2 years	No description