We were recently asked by a CompleteFTP user which was the best protocol to use for file transfers – HTTPS or SFTP. In particular, the user was interested in large transfers and security.
SFTP and HTTPS are quite different protocols. SFTP is a protocol for file transfer over SSH (secure shell), and is very similar in functionality to FTP – it is designed for secure file transfer.
HTTPS is a secure version of HTTP (using […]
CompleteFTP, our secure FTP server for Windows, has quite a long development history, and has undergone considerable change since its inception. HTTP support, clustering, a multi-protocol gateway, file sharing and custom extensions are just some of the key features added in the last few years.
But what of the future? What can CompleteFTP users expect from 2015?
Last year we did a customer survey, and this year we’re talking to as many of our customers as possible to find […]
This post is the last in our blog series on securing your SFTP server. It’s time for some concluding remarks.
Firstly, never relax! Maintaining security is an ongoing task, and it is important to be vigilant – regularly checking logs, testing your security measures, and ensuring security patches are applied as they become available. Suspicious activity needs to be acted on immediately.
Secondly, be aware that many successful attacks stem from social engineering, or from disgruntled employees or […]
A common request that we get is how to configure CompleteFTP Enterprise Edition so that it acts as a direct proxy for another server. This is particularly common for users who need an encrypted front-end to a legacy FTP server, for example. With CompleteFTP it’s possible to have authentication handled by the remote server so that it’s unnecessary to set up users in CompleteFTP.
To do this you first need to configure a […]
Secure file servers such as CompleteFTP support many protocols, including FTP, FTPS, HTTP, HTTPS, SCP and SFTP. Previous posts have explained various techniques that help protect your server against attackers. These techniques have been largely generic, and apply across all protocols. This post will focus on the SFTP and SSH protocols, and examine protocol-specific settings that should be enabled to make your SFTP server as secure as possible.
The first tip has already been mentioned, but it […]
Parts 1, 2, and 3 of this series explained techniques to prevent attackers from getting access to your SFTP server’s machine, and features such as IP filtering and auto-banning that make it more difficult for them to obtain an unauthorized login.
There are some other simple configuration changes that can be made that make your server considerably more secure.
The most important group of changes is at the protocol level. Quite simply, if a protocol […]