FTP, FTPS and FTPES
The File Transfer Protocol dates back to the early 1970s. At the time, the protocol was concerned purely with transferring files between a client and server. As with other tools, such as telnet, security wasn’t a concern.
Security is a major concern nowadays: sending your FTP username and password to a server in plain text is a really bad idea. Although plain FTP is still in use, most people nowadays use FTPES.
FTPS: implicit security
The first attempt to make FTP secure was FTPS. FTPS uses port 990 instead of port 21 to connect securely to a server. FTPS never became a hit, mainly because the FTP protocol doesn’t define the implicit negotiation used by FTPS. That is, FTP clients are supposed to negotiate the level of security with the server, but FTPS doesn’t do that: it implies the use of TLS. Like plain FTP, FTPS has fallen out of favour.
FTPES: explicit security
The method widely in use nowadays is FTPES. With FTPES (explicit FTPS) the client and server use port 21 to negotiate the level of security to be used. The client can ask the server to switch to an encrypted channel via the AUTH SSL or AUTH TLS command, and after the server has established a secure channel the client can securely send the user credentials.
Confusing lingo
The reason many people are confused about different FTP methods is that it is reasonable to assume that FTPS means secure FTP, in the same way that HTTPS is secure HTTP and IMAPS is secure IMAP. However, when people talk about FTPS they usually talk about FTPES. Here is a quick recap of the differences:
| Type | Port | Notes |
|---|---|---|
| FTP | 21 | Plain text communication between client and server. |
| FTPS | 990 | TLS implied (no negotiation between client and server) |
| FTPES | 21 | Level of security is negotiated between client and server |
What about SFTP?
SFTP is another protocol for transferring files. Other than that SFTP has nothing in common with FTP, FTPS and FTPES. SFTP is short for SSH File Transfer Protocol and is an extension of the SSH protocol. This implies that the client needs to have shell access in order to use SFTP. By default, it uses the SSH port (22).
Featured Blogs
Seven Ways we Avoid Server Downtime
As a business owner, there’s a lot that you have to think about. And one of the major factors to consider is your online presence. These days most of your customers will find you through the internet rather than more traditional forms of marketing. This means that your business needs to have a high quality …
How to Choose the Right Server for Your Website
Finding the right server for your business’ website is vitally important. Your server will facilitate your website, allowing your potential customers to access your webpages; they’re a very important part of your online presence. However, there are so many different server options and packages available that it can be difficult to know which would be …
Web Servers; An Introduction to Online Hosting
Getting your business online is simultaneously an incredibly simple yet incredibly complicated process. Build-your-own-website services make it super easy for you to build a website specifically for your business, so you can get started quickly and on your own terms. But once you look below the surface of your website, things become a little more …
How to Prepare for High Traffic Volume to your Website
Website traffic typically means the number of people who visit your website and engage with your online services at any one particular time. The higher your traffic, the better your website is performing, the more chances you have of making sales and generating a profit. When it comes to choosing the right server, the key …
Cloud Hosting; A Flexible and Secure Hosting Solution
Setting your business up online and starting that journey can be incredibly intimidating and overwhelming. After all, you’re doing more than just setting up a website, you’re also creating a whole new platform for interacting with your customers. And this interaction means that you’re collecting data from your customers, data that needs protecting. So, not …
Flexible Servers; Your Short Term Solution
There’s no predicting what the future will hold and sometimes we have to be flexible with our work. This is why we’ve put together an amazing flexible service for our customers, offering short term managed servers available at a moment’s notice. But why might you need this? Well, imagine for a moment, it’s around 2pm …
What we’re doing about rising costs
Costs across the UK are rising for every business and household. From increasing costs of energy to changes in local economies, many businesses are feeling the strain. Companies like ours that rely on large quantities of power to run our service have been significantly impacted by these differences. We think it’s important to talk about …
Breaking Down Everything you Need to Know About Dedicated Servers
Finding the right server for your business can be a challenge. You have to balance the needs of your online presence with that ever so important budget. But there are so many available these days, it can be hard deciding which caters for your needs best. Here at catalyst2, we specialise in web hosting, offering …
Reasons to Invest in Disaster Recovery Service
The business world runs at a fast pace and while this can bring extraordinary highs and many successes, it can also bring incredible risks. Disaster can strike at any time and the impact of these disasters can be catastrophic for your company, they can even cause you to declare bankruptcy. This has only gotten worse …
An Introduction to AWS Management
One of the many excellent solutions that we can offer you here at catalyst2 is our AWS management. AWS stands for Amazon Web Services and it is a scalable public cloud that we can help you to set up, manage, monitor, maintain and grow. We have years of experience working with different servers and hosting …
What our clients say
catalyst2 support people know their environment and how to manipulate it to the customers advantage.
