Knowledge Essentials - 3Essentials Hosting

Secure FTP (sFTP, FTPS) support on 3Essentials hosting

Article ID: 446

 Back to Search

Question: Does 3Essentials support secure FTP (SFTP) or FTPS?
3Essentials provides FTPS (FTP over SSL) on its hosting services which support this functionality.  FTPS provides encryption of FTP user credentials during transmission, as well as optional encryption of data transferred during the FTP session if so configured in the FTP client.  
Please note, sFTP and FTPS are two different solutions, and 3Essentials hosting solutions provide support for FTPS, not sFTP.  For information on the difference, please see KB article: Definition: FTPS vs sFTP.  
The continued wide usage of FTP for file transfer within the hosting industry has continued to be an area of weakness for the entire industry.  With standard FTP, communications are not encrypted - even the FTP username and password are sent in clear text, without encryption.  This means if the communication is monitored by a simple trojan on the user's system, or intercepted anywhere between the user and the FTP server (for example by a worm on your Cable/DSL modem), the user and password is easily retrieved from that communication.  It's then quickly used by that hacker to access website files, modifying them to insert hidden links to other malicious websites, deface the website, or other nefarious activities.  

FTPS (FTP over SSL) uses the same SSL encryption you trust to protect your web-based online shopping and banking activities which use HTTPS/SSL.  FTPS will allow you to use a standard and familiar FTP client that supports FTPS services to upload/download/manage your files just as you did before, but the transmission of your username and password, as well as your data, will be encrypted as it traverses the Internet between your PC and the FTP server. 

Most current FTP clients now support FTPS, and your preferred FTP client likely already does.  We have provided instructions for configuring some common FTP clients for FTPS here: Configuring your FTP client for FTPS .  If you do not see your FTP client listed, please see the "Generic FTP Client" section of that article, and if those instructions are insufficient to assist you, you may, consult your FTP client software company for information on how to enable FTPS or contact our support team, and if we can obtain a copy of the FTP client, we'll test and provide you the proper configuraiton steps.

  • Shared Hosting*
    • FTPS is currently enabled on the following servers:
      • WEB34, WEB30, WEB28, WEB26, WEB24, WEB22, WEB20, WEB18, WEB16, WEB13, WEB11, WEB9
    • FTPS is not available on:
      • WEB12, WEB10, WEB8, WEB6, WEB4, WEB2, WEB5, WEB7
      • If your hosting plan is on one of these servers and you require FTPS, please contact our billing team regarding updating your hosting plan to a current hosting plan which includes FTPS services.
  • Managed Virtual/Dedicated Server
    • Windows 2003/IIS6 based servers: secure file transfer services are available as an add-on, and may require upgrade of your managed dedicated or virtual server hosting plan to a more advanced FTP server product which natively supports SFTP or FTPS.   For new customers, please contact the sales team with your interest, and one of our dedicated/virtual server sales representatives can provide you information on pricing and options.  For existing customers, please contact the support team, who can review your current configuration and provide information on available options.
    • Windows 2008/IIS7.5 based servers: FTPS can be enabled upon request, simply submit a support ticket requesting this. 
  • Customer Managed/Self Managed Server
    • Windows 2008/IIS7.5 based servers: FTPS can be enabled. To do so:
      • If your server has Parallels Plesk Control Panel installed, under the IP's configuration (server/settings > IP addresses > the ip you want to enable ftps on), select the "allow ftp over ssl" option.  This has plesk set up the SSL cert in the FTP service and enable proper protocol settings.
      • In IIS, limit the passive port rage.  Open the IIS Amin. At the server level of IIS (not at the site level) open the FTP FIREWALL SUPPORT applet > set the DATA CHANNEL PORT RANGE to 30000-30050
      • Recycle the MICROSOFT FTP SERVICE service
    • For any other FTP server software/daemons you use, check your documentation on how to configure a port range. Set that range to 30000-30050

Related articles you may find helpful:


Downloads Associated With This Article
No downloads are currently associated with this article.