Internet security is very important. We must protect our systems, devices, as well as always preserve the data and files on our website safely. Therefore, when hosting content on a server, we must take into account certain aspects to avoid problems. In this article we are going to talk about what is FTP over TLS / SSL .
How to avoid problems on FTP, FTPES or SFTP servers
It must be taken into account that on many occasions we can suffer problems that affect the operation of our servers. It is something relatively common when we make configuration errors or the service we are using has some kind of error. For this reason, it is advisable to avoid problems at all times that could harm the proper functioning of our FTP, FTPES or SFTP servers. There are common errors like the 530 authentication failure .
One of the most important tips is to make sure that our Internet provider is not blocking the corresponding port. This could lead to problems like FTP connection timed out . This would mean that our provider is blocking port 21, which is the one used in this case by FTP.
It could also happen that we are using the wrong port . We could run into an error like ECONNREFUSED. This occurs when we are trying to connect through the wrong port. Therefore it is essential to make sure that we are using the correct port and also that our operator is not blocking it.
A bug that also appears a lot is that of EAI_NONAME . It occurs when the specified server is not correct and the connection cannot be established. To avoid this we must always verify the information on our site.
Is the directory we are trying to access available? A common problem is error 530 Sorry, but I can’t trust you . We can avoid it if we see the exact path of the directory to verify that it is correct or if we create it in case it is not available.
On the other hand, we must take into account the importance of controlling possible firewalls that we are using. Sometimes they can interfere with the connection and cause problems that prevent the use of FTP, FTPES or SFTP servers.
What is FTP
FTP is a protocol for transferring files from one computer to another. For example we can transfer files and folders from a computer to a web server. It was initially created in the 1970s but continues to be very important. FTP servers are very present in the network and when accessing one we can see that the URL begins with ftp: //, instead of the typical http: //.
Its name comes from File Transfer Protocol (file transfer protocol). It allows you to upload and download files in a simple way on a server through any equipment such as a computer or a mobile phone.
Basically the user will have a file management system . You will be able to use a browser as we can see in operating systems such as Windows. We can include these files in folders and organize them as we want. In the same way we do with our computer.
In order for it to work, it is necessary to use TCP / IP , as in the case of the HTTP protocol. We can use it through a browser or specific tools. We can see where exactly that file is included. By default it connects to TCP port 21.
The problem is that initially the FTP protocol was designed with no security in mind. As we have mentioned, it is something that has been with us for many decades. Obviously, technology has advanced and brings both positive and negative aspects. The latter are related to security problems and attacks that we can suffer.
Why FTP over SSL is important for a web server
This we mentioned, the fact that it was an old protocol that does not adapt to current security measures, caused the implementation of FTP over SSL to be necessary. We generally refer to it as FTP / SSL . It basically consists of protecting the file transfer.
FTP over SSL uses an SSL / TLS layer below the standard FTP protocol. In this way we can encrypt the control and data channels. When information is to be exchanged, a TLS / SSL handshake is performed before anything is sent. This is how everything is encrypted.
This protocol authenticates connections using a user ID or password, in addition to being able to also have a certificate.
Variants: implicit and explicit FTPS
It should be mentioned that there are two variants of this protocol. On the one hand we have implicit FTP over SSL and on the other hand we also find the explicit FTP over SSL variant. We are going to explain what each one consists of.
- Implicit FTP over SSL : This variant means that the encrypted connection is implicit. It is not necessary to request it. However, this variant is not recommended today.
- Explicit FTP over SSL – The second variant is Explicit FTP over SSL. It is also known simply as FTPES. A standard connection is established via port 21 to the server and SSL handshake is explicitly requested.
SFTP, a different protocol
Keep in mind that SFTP is not the same as FTPS, although it can sometimes confuse users. It is a different protocol, although it does simulate the operation of FTP. In this case it uses the SSH network protocol.
In this case, both the control and transfer data are always encrypted and through a single channel. For this it uses port 22, as with the SSH protocol .
Although both FTPS and SFTP significantly improve security when transferring files, it should be noted that they have differences. One of the main ones is that the former uses multiple different ports, whereas SFTP uses a single port for all transfers.
Ultimately, security is a very important factor when hosting content for our website. Making use of FTP over SSL is very interesting to encrypt connections and avoid problems.