Secure your SFTP server: Tip 1 - Update your SFTP server software

The first tip in this series on how to secure your SFTP server is a basic one that is very often neglected, yet it is probably the most important thing you can do to keep intruders out of your systems: update your SFTP server software. This means regularly applying Windows updates as soon as possible after they become available, and ensuring you do the same for your SFTP server software. New vulnerabilities are regularly found in Windows and in protocols such as SSL/TLS.

Two recent important examples of this are the Heartbleed vulnerability in OpenSSL, and the POODLE SSL 3.0 exploit.

Heartbleed is an extremely serious vulnerability, possibly the worst ever in the Internet era, and it affected millions of servers, including some very high traffic websites. It is imperative that all servers affected are patched as soon as possible. At the time of writing there are still thousands of unpatched servers. Fortunately our SFTP server software, CompleteFTP, does not use OpenSSL and so was not affected by Heartbleed.

POODLE is far less severe, and not nearly as likely to be exploited, but it is still important to obtain the latest server patch that disables the vulnerable SSL 3.0 protocol for FTPS and HTTPS. CompleteFTP 8.1.3 was released specifically in response to POODLE.
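
After patching, it is worth confirming that the server really does refuse SSL 3.0. The following Python check is an added example, not part of CompleteFTP or the original article. It sends a ClientHello that offers only SSL 3.0 and reports how the server answers. The function names are hypothetical, and it assumes a port that starts TLS immediately (HTTPS or implicit FTPS); explicit FTPS, which needs `AUTH TLS` first, will report "inconclusive".

```python
import os
import socket
import struct
import sys

# Legacy suites an SSL 3.0 server would understand (3DES/AES CBC and RC4).
SSL3_SUITES = (0x000A, 0x002F, 0x0035, 0x0005, 0x0004)


def build_ssl3_client_hello(random_bytes=None):
    """Return one record carrying a ClientHello that offers SSL 3.0 only."""
    random_bytes = random_bytes or os.urandom(32)
    suites = b"".join(struct.pack("!H", s) for s in SSL3_SUITES)
    body = (b"\x03\x00" + random_bytes                 # client_version 3.0, random
            + b"\x00"                                   # empty session id
            + struct.pack("!H", len(suites)) + suites   # cipher suite list
            + b"\x01\x00")                              # null compression only
    handshake = b"\x01" + struct.pack("!I", len(body))[1:] + body
    return b"\x16\x03\x00" + struct.pack("!H", len(handshake)) + handshake


def classify_reply(data):
    """Turn the first bytes of the server's reply into a verdict."""
    if not data or data[0] == 0x15:         # closed connection or TLS alert
        return "disabled"
    if (len(data) >= 11 and data[0] == 0x16 and data[5] == 0x02
            and data[9:11] == b"\x03\x00"):  # ServerHello agreeing to 3.0
        return "enabled"
    return "inconclusive"                    # e.g. a plain-text FTP banner


def probe(host, port, timeout=5.0):
    """Send the hello to a direct-TLS port and classify what comes back."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            sock.sendall(build_ssl3_client_hello())
            data = b""
            while len(data) < 11 and data[:1] != b"\x15":
                chunk = sock.recv(11 - len(data))
                if not chunk:
                    break
                data += chunk
            return classify_reply(data)
    except ConnectionResetError:
        return "disabled"
    except socket.timeout:
        return "inconclusive"


if __name__ == "__main__":
    print(probe(sys.argv[1], int(sys.argv[2])))
```

Run it against your own server with a host name and port as arguments; a result of "enabled" means the SSL 3.0 fix has not taken effect on that port.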

So, if your SFTP server software is not up-to-date and you haven't applied the latest Windows updates, please do so as soon as possible!