*Cube-Host– full cloud services!!

get a consultation

What is FTP and how does it work?

File transfer for hosting: FTP basics and secure alternatives

FTP (File Transfer Protocol) is a classic way to upload and download files from a server — often used to manage websites, move backups, or transfer media. But “plain FTP” is not encrypted, so modern hosting workflows usually prefer SFTP or FTPS for security.

If you manage a website on shared hosting, FTP/SFTP access is commonly available. If you need full control (users, firewall, ports, automation), a Linux VPS or VPS hosting is a better fit for production workflows.

What FTP is (in simple terms)

FTP is a protocol that defines how a client (your computer) connects to a server and transfers files. It supports listing directories, uploading, downloading, renaming, and deleting files — basically, “remote file manager” over the network.

How FTP works: control channel + data channel

Control connection (usually TCP 21): login, commands, and responses.
Data connection: the actual file transfer. This is where Active vs Passive mode matters.

Active vs Passive FTP (why connections fail behind NAT/firewalls)

FTP uses a separate data channel. Depending on mode, either the server connects back to the client (Active) or the client connects to the server’s opened port (Passive). In real life, Passive mode is more common because it works better behind NAT and strict firewalls.

Mode	Who initiates data connection	Typical issues	Best use
Active	Server → Client	Blocked by client firewall/NAT	Rare today
Passive	Client → Server	Requires server passive port range open	Most hosting setups

FTP vs FTPS vs SFTP (don’t confuse these)

These names look similar, but security and network behavior differ.

Protocol	Encryption	Default port	Notes
FTP	❌ No	21	Credentials in plain text (avoid on the Internet)
FTPS	✅ TLS	21 (Explicit) / 990 (Implicit)	FTP + TLS, still has Active/Passive complexity
SFTP	✅ SSH	22	Different protocol, simpler firewalling, very common on VPS

How to connect to an FTP/SFTP server (practical)

Option A — FileZilla (fast setup)

Host: your server IP or domain
Username / Password: provided by hosting panel or created on VPS
Protocol: choose SFTP if available (recommended)
Port: 22 for SFTP, 21 for FTP/FTPS
Transfer settings: use Passive mode for FTP/FTPS if you see connection issues

Option B — Windows (WinSCP) for secure transfers

On Windows, WinSCP is a popular choice for SFTP. If you work with Windows infrastructure, you may also host projects on a Windows VPS, but for SFTP you typically connect to Linux-based servers or appliances that expose SSH.

Option C — Command line (Linux/macOS)

For secure file transfer, prefer SFTP:

# SFTP interactive session
sftp user@server-ip

# Download a file
get remote_file.zip

# Upload a file
put local_file.zip

# Exit
exit

If you must use classic FTP (not recommended on public networks):

ftp server-ip
# login
ls
cd public_html
put index.html
get backup.tar.gz
bye

If you run your own FTP server on VPS: ports and passive range

FTP in Passive mode needs a port range open on the server. If you don’t configure it, transfers may “hang” or fail randomly.

Example idea (server-side): configure a passive range like 50000–50100, then allow it in your firewall. Exact steps depend on your FTP server software (vsftpd/proftpd/pure-ftpd), but the principle is always the same: define the range + open it.

Security checklist for FTP-style access

Use SFTP (SSH) or FTPS instead of plain FTP whenever possible.
Create a dedicated user per project (avoid sharing one login across the team).
Restrict permissions (least privilege): upload folders writable, configs read-only.
Disable anonymous access unless you truly need it.
Monitor logs and enable brute-force protection (Fail2Ban).
Rotate passwords/keys and keep backups before big deployments.

Troubleshooting: common errors and quick fixes

“530 Login incorrect” — wrong username/password, or account disabled.
Timeout on directory listing — usually Passive/Active mismatch or passive ports blocked.
Works on Wi‑Fi, fails on corporate network — firewall blocks FTP; use SFTP (22).
Certificate warning on FTPS — use a valid TLS certificate or confirm fingerprint (production: valid cert recommended).

Need a better workflow than FTP?

For modern deployments, SFTP (SSH) is usually simpler and safer than FTP. If you need full control over users, keys, and firewall rules, run your stack on a Linux VPS or scalable VPS hosting. For typical website uploads on small projects, shared hosting often includes FTP/SFTP access out of the box.