FTP
On this page
FTP can be configured as
- plain FTP
- or FTP over TLS
Supported protocols
Protocol | Security | Description |
---|---|---|
FTP | Insecure | Plain unencrypted FTP. Use this protocol only in a local network or over tunnels. |
FTPS explicit | (START)TLS | FTP over TLS. An unencrypted FTP connection is started and if the server supports TLS a STARTTLS command is sent to upgrade to a secure TLS connection. |
FTPS implicit | TLS | FTP over TLS. The connection starts with a TLS handshake and will fail immediately if the server does not support that. Usually this mode is operated on a separate port (default 990 ). This is more secure but because of the separate port not as common as explicit TLS. To active this connection mode check the option Implicit TLS |
Special options
- Activate Passive Connection which is the recommended default nowadays to handle networks with NATed firewalls/routers.
FTPS (TLS)
In addition to all FTP options there are following special options:
- If the FTPS server uses a certificate signed by a trusted public CA then tick the option Validate server cert which ensures that the connection is only made to the right server. When using a self-signed certificate, an encrypted but unauthenticated connection is made. It’s still more secure than the unencrypted version.