How to Use sFTP with FileZilla [Secure way of connecting through FileZilla]

Discussion in 'Member Articles & Tutorials' started by Kaiser, Jan 7, 2011.

  1. Kaiser

    Kaiser Regular Member

    Nov 15, 2010
    FileZilla is used daily by millions of users to upload files to their servers by FTP. However, there are some security concerns with FileZilla, including the fact that FileZilla stores passwords in regular text files on your computer. In addition, by using regular FTP, any connection between your computer and your web server can be intercepted by a third party. In 2009, thousands of websites were hacked with stolen FTP credentials. To keep your site as secure as possible, it would be better to use secure FTP and never store any passwords within FileZilla.
    So how can you continue to use FileZilla for FTP and make it more secure?
    The first step is to set up FileZilla for secure FTP (sFTP), which uses SSH to send files back and forth. SSH uses port 22 by default, but you can add one more layer of security by using a port above 1024.
    To select a port above 1024 for SSH, log on to your server by SSH and edit the sshd_config file by entering the following command: vi /etc/ssh/sshd_config
    Hit “i” for insert mode and scroll to the line that says “Port 22” and change it to a number above 1024.
    Next, scroll to the line that says “Protocol”; make sure it says “Protocol 2”.
    Save the file (ESC, :w , :q)
    Restart sshd by entering /etc/init.d/sshd restart.
    Set up FileZilla by selecting sFTP, followed by entering your username and the newly chosen port number. Remember to have FileZilla ask for your password every time.
    You can prevent further unauthorized FTP access to your server by setting up a firewall and only allowing FTP access from your IP address.
    Using sFTP with your FTP client is a good way to keep your web server as secure as possible. sFTP is slightly slower than regular FTP, but it’s worth the extra time.

  2. SpacewardAsh

    SpacewardAsh Lurking From Space

    Jan 2, 2011
    Falmouth, Cornwall, UK
    Just a tip that does not seem to be mentioned in the guide:

    Ensure you open up the new port number on the server firewall before changing the default port, otherwise you might end up locking yourself out of SSH.

    Then the next step is to close the old port number so it can no longer be used.
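
The checks from the tutorial and the firewall tip in the reply, combined into a pre-restart audit. This is an added example, not part of either post: the function name `audit_sshd_config`, the sample files and the list of firewall-allowed ports are constructed for illustration, and a missing Protocol line is assumed to be left to the sshd default.

```sh
#!/bin/sh
# Added example: audit an sshd_config before restarting sshd.
# $1 = path to sshd_config
# $2 = space-separated TCP ports the server firewall already allows
#      (hypothetical input; obtain it from your own firewall rules)
# Prints one line per finding; returns 0 only when nothing fails.
audit_sshd_config() (
    file=$1 allowed=" $2 " findings=0
    # Active directives only: "#Port 22" is a comment and is skipped.
    # sshd keywords are case-insensitive, hence tolower().
    ports=$(awk 'tolower($1) == "port" { print $2 }' "$file")
    protocol=$(awk 'tolower($1) == "protocol" { print $2; exit }' "$file")
    # With no Port line, sshd listens on its default port, 22.
    [ -n "$ports" ] || ports=22
    for p in $ports; do
        case $p in
            ''|*[!0-9]*)
                echo "FAIL: invalid Port value '$p'"
                findings=$((findings + 1)); continue ;;
        esac
        if [ "$p" -le 1024 ]; then
            echo "FAIL: Port $p is not above 1024"
            findings=$((findings + 1))
        fi
        # The reply's tip: the new port must be open before sshd moves to it.
        case $allowed in
            *" $p "*) ;;
            *) echo "FAIL: Port $p is not open in the firewall; restarting sshd would lock out SSH"
               findings=$((findings + 1)) ;;
        esac
    done
    # Assumption: an absent Protocol line is left to the sshd default.
    if [ -n "$protocol" ] && [ "$protocol" != 2 ]; then
        echo "FAIL: Protocol is '$protocol', expected 2"
        findings=$((findings + 1))
    fi
    [ "$findings" -eq 0 ] && echo "OK: $file"
    [ "$findings" -eq 0 ]
)

# Constructed sample configs (not taken from a real server).
tmp=$(mktemp -d)
printf '%s\n' '#Port 22' 'Port 2222' 'Protocol 2' > "$tmp/good"
printf '%s\n' 'Port 22' 'Protocol 2,1' > "$tmp/bad"
audit_sshd_config "$tmp/good" "22 2222" || true   # passes
audit_sshd_config "$tmp/bad" "22" || true         # two findings
rm -rf "$tmp"
```

Running `sshd -t` before the restart additionally checks the edited file for syntax errors.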