sFTP – Why you must you use this

FTP, the file transfer protocol, is one of the oldest systems we have on the internet.

It is a simple way to transfer files between two systems. Typically you use it to upload files to

Hackers can listen to FTP traffic

your web server and for this, it works very well. However, it has one major flaw…


Everything FTP does is in plain text. – Nothing it does is secure!

This means that if a hacker was listening on your connection they can read all the files you upload. It can also read the user name and password you used to connect, and so be able to upload its own files to your server!

There is a better way. sFTP is a secure version of FTP. This protocol works by setting up a secure connection first. The user name and password are then exchanged and the system is ready for use.

Apart from Encryption, sFTP looks and works the same.

My (FREE) Secure File Transfer Software

I use the FREE Filezilla program to transfer files to my web servers. The interface is identical for FTP and sFTP. Just the connection information is different. You only need to install the client software. Your web host should provide and have installed the software on the server.

Different connection information

The connection settings are slightly different. The port number is different but is usually setup for you when you choose sFTP in the settings. Check with your host if they use a custom port number.

For Mac Users

I have no personal experience of using a Mac for web design, but I understand that flow is a good utility for FTP and sFTP and is available in the Apple Store. More information here

My Web Host does not offer sFTP.

Does that mean they could not invest the small amount of money to set it up or that they just don’t care about your security? Either way, I would request sFTP is made available or change provider.