Securing ftp login

I need a way to allow my clients to log into my fedora 4 Apache 2.0.54 web server to download project files

My clients are not technically savy and seem to have an aversion to loading any additional software to access my server - its "too" difficult.???
In other words if i can just use Windows explorer, it would be the best solution for my clients.

After a lot of mucking around i have come up with the following conclusions (this is just so that i don't get suggestions for things i have already tried)

...I have set up webdav sucessfully on the server but windows explorer on xp systems only seem to connect without authenication and can't find the server if it uses ssl ( i may as well just use ftp. ie of no use whatsoever)

....I have setup an ftps server but windows explorer dosen't seem to know what thst is????

...Yes i know there is a host of ftps/ftp clients ranging from free to an amazing amount of $$. However my clients don't want to install free software so they sure as hell not going to pay for it.

..I have also looked at some web applets but I'm not convinced that they are the right solution...yet

Does anyone any brilliant solutions? Has anyone sucessfully got webdav to work for windows xp clients? i know this request is looking for a very narrow set of solutions but if it can be done, I would be greatful!!

One thing i was thinking was is there anyway to integrate https and ftp using redirects so that a client logs in using https and is then transfered to ftp to complete the transaction. I don't know... it was just a shot in the dark!!!

I really am only interested in preventing crackers/hackers from exploiting my machine and provide isolated folder access to different clients. Once a user is authenticated ftp transfer (whilst less than ideal because it is not encrypted) should be ok for the purpose.

Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

if you type ftp://user:password@server in Windows Explorer location line (!!!NOT INTERNET Explorer) it will open your FTP directory just as another folder and you can drag and drop files there just like to another drive or folder on your local pc.

WExplorer does not know what sftp  or ftps is, that's correct. What you could do to make it all safer is to turn off shell access for FTP clients and "jail" them to their directories.
PhillOAuthor Commented:
but won't the username and password be transmitted in plain text

yes they will, that's why you need to disable shell access, but that's the only way where you "can just use Windows explorer" and therefore "it would be the best solution for [your] clients".

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
PhillOAuthor Commented:
Okay Thanks

It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Linux Security

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.