Secure FTP connection, All browsers!!!

Posted on 2004-08-20
Medium Priority
Last Modified: 2010-04-06

I need some advice.
I am building a web application in php.I work for a graphic design company. This application is a front end for a Image library. All the image files will be stored on a ftp server. I need a way to link to the files but not display ftp user/pass. What i am doing now is creating a pop-up which loads a php page which redirects to the ftp file (ftp://user:pass@ftp.domain.com:21/test.doc). This only works in some browsers:

IE- opens pop-up and save as dialog at same time, does not allow focus of pop-up until save as is clicked, and then pop-up close's (impossible to view source and see address)

netscape- opens pop-up and save as dialog, but displays link in netscape download manager.

Does anyone know of a way I can stop users from seeing the ftp user/pass?

If you need clarification on anything please ask
Question by:91mustang
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Expert Comment

ID: 11860727
Wouldn't it be easier to do this with SQL queries and more secure? Server side stripping.

Author Comment

ID: 11860920
Could you explain?
LVL 36

Expert Comment

ID: 11862427
ryan, you mean storing the image links inside a database?
Secure Your WordPress Site: 5 Essential Approaches

WordPress is the web's most popular CMS, but its dominance also makes it a target for attackers. Our eBook will show you how to:

Prevent costly exploits of core and plugin vulnerabilities
Repel automated attacks
Lock down your dashboard, secure your code, and protect your users


Author Comment

ID: 11863730

Thats what I am doing, but I still have to give the user the link to click on?, What I need is way to hide the password.
LVL 48

Expert Comment

ID: 11864592
Why should the user download the image via ftp, he could also download it via http:// and your application. Instead of redirecting the user to the ftp://-URL redirect the user to a page which downloads the images. If you have the problem that the picture is shown in the browser you can modify the headers to show a save dialog for that file. e.g:

header("Content-Disposition: attachment; filename=\"$filename\"");

Author Comment

ID: 11864597
The files are photshop and illustratot files. Most files are 800mb +. http is not an option. We need ftp for speed.
LVL 48

Accepted Solution

hernst42 earned 500 total points
ID: 11864714
I just tried it and HTTP was faster than FTP:
A file of 322106KB took via ftp ~ 90 sec, via raw http it took ~ 67 seconds and via http and php it took as long as ftp ~ 90 sec

Both files have been downloaded via Mozilla 1.7 on an Windows-box (server is a linux-server, apache 1.3 for http and pure-ftpd for ftp) with a 100MBit-full switched network

The files was delivered in php:
header("Content-Disposition: attachment; filename=\"$filename\"");
header("Content-Length: " . filesize($filename));
$fp = fopen($filename, 'rb');

Author Comment

ID: 11864739
interesting, I will give it a try at work tommorow, thanks for the info!!

Expert Comment

ID: 11892397
Side note.

In my around 7-8 years experience, HTTP downloads for some reason indeed have always been faster than FTP downloads from the same server, regardless of the server. I would guess that FTP protocol adds some overhead with its usage of 2 connections (control + data ).

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Have you tried to learn about Unicode, UTF-8, and multibyte text encoding and all the articles are just too "academic" or too technical? This article aims to make the whole topic easy for just about anyone to understand.
JavaScript has plenty of pieces of code people often just copy/paste from somewhere but never quite fully understand. Self-Executing functions are just one good example that I'll try to demystify here.
The viewer will learn the basics of jQuery, including how to invoke it on a web page. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery.: (CODE)
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question