FTP, FTPS and FTPES
The File Transfer Protocol dates back to the early 1970s. At the time, the protocol was concerned purely with transferring files between a client and server. As with other tools, such as telnet, security wasn’t a concern.
Security is a major concern nowadays: sending your FTP username and password to a server in plain text is a really bad idea. Although plain FTP is still in use, most people nowadays use FTPES.
FTPS: implicit security
The first attempt to make FTP secure was FTPS. FTPS uses port 990 instead of port 21 to connect securely to a server. FTPS never became a hit, mainly because the FTP protocol doesn’t define the implicit negotiation used by FTPS. That is, FTP clients are supposed to negotiate the level of security with the server, but FTPS doesn’t do that: it implies the use of TLS. Like plain FTP, FTPS has fallen out of favour.
FTPES: explicit security
The method widely in use nowadays is FTPES. With FTPES (explicit FTPS) the client and server use port 21 to negotiate the level of security to be used. The client can ask the server to switch to an encrypted channel via the AUTH SSL or AUTH TLS command, and after the server has established a secure channel the client can securely send the user credentials.
Confusing lingo
The reason many people are confused about different FTP methods is that it is reasonable to assume that FTPS means secure FTP, in the same way that HTTPS is secure HTTP and IMAPS is secure IMAP. However, when people talk about FTPS they usually talk about FTPES. Here is a quick recap of the differences:
| Type | Port | Notes |
|---|---|---|
| FTP | 21 | Plain text communication between client and server. |
| FTPS | 990 | TLS implied (no negotiation between client and server) |
| FTPES | 21 | Level of security is negotiated between client and server |
What about SFTP?
SFTP is another protocol for transferring files. Other than that SFTP has nothing in common with FTP, FTPS and FTPES. SFTP is short for SSH File Transfer Protocol and is an extension of the SSH protocol. This implies that the client needs to have shell access in order to use SFTP. By default, it uses the SSH port (22).
Featured Blogs
Golang hosting
Go, also referred to as Golang, is an open-source, statically typed programming language. It was developed by Google for simplicity, high performance, efficiency and readability. The reasons for its development are rooted in a desire to simplify the more complex codebases within Google. The fact that this language seemingly has two names can be confusing, …
Factors to Consider About Reseller Hosting in the UK
The internet is one of those things that are always changing and evolving, and every so often, someone comes up with an idea that will truly revolutionise the online world. Easy to build web packages from places like WordPress are just one example of this. If you’ve got the next great idea that will transform …
Popular Ideas for Domain Registration in the UK
Whether you’re planning on starting a business, writing a blog or if you’re looking to secure a corner of the internet for future work, you’ll want to register your domain in the UK. This is the process of acquiring a domain name, which is a vital step in the creation of your online presence. Your …
A Beginners Guide to Web Hosting
If you’re planning on setting up your own website, then you’ve probably heard about web hosting. Web hosting is the service that platforms offer to host your website on the internet. And if you’re new to the world of websites and having an online presence, it can be tricky to know exactly what web hosting …
Understanding the Private Cloud
A private cloud is a flexible, secure, scalable infrastructure that you can use solely for your business. This gives you the chance to build up a reliable computer system without having to share your resources with other organisations. A private cloud can be either hosted internally by an organisation or it can be managed by …
A guide to cPanel and Plesk
cPanel and Plesk are two of the most popular online hosting services. Both have a different approach to creating and managing websites, email accounts, databases and more – but which one is right for you? In this blog post, our team takes a deeper look into what both interfaces are, how they can make your …
A Guide on How to Buy a Domain Name
Finding the right domain name is vital for your brand and business. The right name can make it easier for your potential customers to find you and it can help you to reach a global audience. Your domain name is more than just a web address; it is a key part of your brand. Whether …
Getting Yourself Online – An Introduction to Web Hosting
If one thing has become clear during the global pandemic, it is that nothing is more important to your business’ success than your online presence. Being online is far more important than you can ever imagine, particularly as it is increasingly becoming the main place of your sales. Whether you’re just starting out as a …
What is a VPS? Everything you need to know about VPS hosting
VPS servers are becoming a more popular choice when it comes to website hosting due to its lower cost and higher security. It has proven a good decision for game markers, programmers, SaaS providers, and companies searching for better hosting servers. But what does it mean? In this blog, we will be exploring exactly what …
How encryption and security are integral to the Microsoft SQL platform
As the world becomes more and more digital, security is becoming a bigger concern for individuals and organisations alike. For this reason, it’s important to understand how encryption can help protect your data from theft or unauthorised access. This post will cover what encryption is, why you should use it with SQL Server, and some …
What our clients say
Everything is fine, thank you. The queries I had were dealt with in a prompt, professional and truly friendly manner! I have never experienced such superb service from any other supplier!
You guys and Catalyst2 are awesome!
