An FTP server is a computer that can receive, store, and transmit files over a network connection. The name stands for “file transfer protocol”, a global standard for sending and receiving digital data. In this article, ITPro will break down everything you need to know about FTP servers.
What is an FTP server used for?
An FTP server can be used in any scenario where users need to store and access files remotely. In practice, FTP is mostly used for sending items over the internet, but it can also be used over a local network.
Depending on the needs of the user and the server operator, an FTP server can be configured in a few different ways. It may allow remote users to log in and upload files to their own private space, or to shared folders, similar to a cloud storage account. Alternatively – or simultaneously – it may allow “anonymous” connections so that anyone can upload and download files from specific areas.
It’s important to note that the FTP server’s only job is receiving, storing, and transmitting data. Connected users can upload, download, copy, rename, move, or delete remote files, but they cannot run programs or edit content over an FTP connection. However, uploaded files may be processed by other applications that have access to the server space.
Who might run an FTP server?
FTP is ideal for any organization wanting to offer simple file access for remote users. For example, a business might allow homeworkers to download resources from company servers via FTP.
Anonymous FTP is also widely used for software distribution. For example, you might use a web browser to explore an online catalog of open-source programs; when you click to download an installer, the file will be sent from an FTP server.
Behind the scenes, FTP is also widely used for website development and management. Web content is developed and tested on local machines, then uploaded via FTP to the live site; a separate HTTP server then takes care of publishing the files online.
How do I operate an FTP server?
To host an FTP server, all you need is a suitable network-connected computer running appropriate FTP server software. Such software is available for all major desktop and server operating systems; however, it’s normally disabled by default and must be manually enabled and configured. This might involve setting up FTP-specific user accounts and assigning storage locations and quotas.
If you don’t have access to a server of your own, you can also lease FTP space for your personal use. Most web hosting providers include FTP access with their standard packages.
Remote users wanting to access an FTP server must do so using a client application. Most desktop platforms come with command-line FTP client capabilities, but for a more intuitive and flexible experience, you can use a third-party graphical FTP client such as the cross-platform FileZilla client or WinSCP for Windows.
It’s also possible to download files via FTP in a web browser, by following a hyperlink that starts “ftp://” rather than “http://:”.
What are the advantages of FTP over other types of network connection?
There are several reasons why a server operator might choose to use FTP for file access, rather than other options such as WebDAV or Active Directory.
For a start, FTP is a simple, lightweight protocol that takes minimal resources to run. And because FTP users can’t run programs on the server, the potential security risks are limited – although if user credentials are compromised (see below) then an FTP connection could still be used to download confidential materials.
FTP is also robust and flexible. There’s no limit to the maximum size of file that can be transferred, and most graphical clients allow you to queue long lists of files to be uploaded or downloaded. If a transfer is interrupted, the client can reconnect and resume uploading or downloading as many times as necessary to send or receive the whole file. This makes FTP ideal for moving or backing up files and folders of any size and type.
What’s the difference between active and passive FTP?
An FTP connection can be established in two ways, known as active or passive. From the user’s point of view the difference is normally academic: most FTP clients will automatically switch between modes as needed, and the features and performance available should be identical.
However, a network administrator setting up an FTP server will ideally want to ensure that it’s accessible in both active and passive modes. In the default active mode, the connecting client tells the server to send files and other information to a particular virtual network port on the user’s local machine.
Unfortunately, modern firewalls and routers frequently block incoming connections from external servers, causing active mode FTP to fail. Passive mode gets around this by having the client make an outbound connection to a network port on the server, which then serves as the data channel.
Is FTP secure?
The FTP standard doesn’t include encryption, so if someone’s spying on your network activity they could theoretically read the contents of the files you’re transferring. They could even extract the username and password that are used to log into an FTP server, and thus gain unauthorized access to the server – and to other services, if the same credentials are used.
One way around this is to ensure FTP servers are only accessed over a secure VPN connection. Another option is to use an updated protocol that includes encryption; there are two popular options with very similar titles, namely FTPS and SFTP. These both work very similarly to regular FTP, while adding encryption methods similar to secure web browsing, to ensure that usernames, passwords, and transferred data can’t be read by anyone who may intercept the transmission.
FTPS and SFTP doesn’t use the same server software as FTP, but the components are readily available for desktop and server OS platforms. On the client side, almost all graphical FTP applications include support for secure FTP transfers; users may not even be aware that they’re using a secure connection.