We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you two Citrix podcasts. Learn about 2020 trends and get answers to your biggest Citrix questions!Listen Now


Securing FTP

bleujaegel asked
Medium Priority
Last Modified: 2012-05-05
I am setting up FTP to allow only a few users to connect.  I am aware of the clear text password issue, so I created a group called 'FTP'.  I then created a user 'FTPUser', and changed the group membership from the 'Users' group to the 'FTP' group.  I am isolating the group/user combination to the FTP directory via NTFS permissions that I propigated throughout the FTP folder structure.  I figure if someone captures the password, they can only access this directory structure and nothing else.  Does this sound like a good plan?  Is there anything else I can do further to secure this?
Watch Question

Hi bleujaegel,
This sounds like you are following the guidelines set out by microsoft article which is reference throughout EE.

if you are aware of the IP addresses of where your using are coming from you could set the directory access to a default of deny unless ip = the addresses you allow.

This means someone whould have to capture the pass as well as spoof the source address they are comign from.

I think that is about as secure as you can get it


Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
Instead of using FTP, you might be able to use SCP or SFTP, which is secure.

Open Source SSH Server (SCP and SFTP uses SSH as its transport) for Windows: http://sshwindows.sourceforge.net/
Open Source SCP & SFTP client for Windows: http://sourceforge.net/projects/winscp/

An article on SSH / SCP / SFTP for Windows: http://www.jfitz.com/tips/ssh_for_windows.html
An article on setting up a SFTP Server on Windows: http://www.digitalmediaminute.com/article/1487/setting-up-a-sftp-server-on-windows


Good point to deny by IP.

I will check out the secure FTP apps.  

Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.