With all this talk about security on your site, I was wondering if the FTP
program I use (FileZilla) is secure. I use it to upload (locally developed)
websites to servers and it always worked fine, but now I’m thinking that a FTP
program may be more secure if you need to log in before you can use it. Also,
FileZilla has a function to export all the data of your various ftp accounts to
an xml file, but that’s unencrypted. I’m assuming it stores all the passwords
unencrypted as well.
Well, we have good news, and bad news. Sadly, it’s mostly bad news.
The bad news is that while FileZilla does have one security issue I’ll get
to, it’s not FileZilla – or any ftp program for that matter – that’s the weak
FTP itself is fundamentally insecure.
The Problem with FTP
FTP – which stands for File Transfer Protocol – is perhaps one of the oldest protocols for transferring data around the internet. For many years it was – and to be honest, in many cases still is – the workhorse for transferring files, often large files, around.
The fundamental problem with FTP is that it’s not encrypted.
As it turns out there are two fairly dramatic ramifications from it’s lack of encryption:
Any and all data being transferred via FTP is transferred in the clear – any network device along the way can see what’s being transferred. Perhaps more troubling is that if you use FTP over an unencrypted open WiFi connection anyone who cares to sniff the WiFi connection can see your data.
The username and password being used to login to the remote site are also transmitted in the clear. Once again anyone who can see or sniff your network traffic can see the username and password if they happen to be watching when you initiate the connection.
There are a couple of other issues with the protocol as well that can affect performance in some cases, and network routing in others, but the issue you should really care about is the fact that in today’s terms there is zero security built into FTP. None. Nada. Zip.
The Solution: SFTP
Fortunately, there is a solution: SFTP, which stands for Secure File Transfer Protocol. Even though the name is similar, it’s technically an entirely different and unrelated protocol. And as you can imagine from that name, security is built in; everything’s encrypted.
You can probably sense a “but…” coming.
But … you can’t use SFTP anywhere you can use FTP. Like I said, it’s a completely separate protocol and must be supported on the server that you’re connecting to. For reasons I can’t quite fathom, many servers – in particular the servers at many website hosting companies – don’t support SFTP. In those cases you’re stuck with FTP.
As you also might imagine, SFTP is the only way I access my own servers.
FileZilla: Good & Bad
Like I said, FileZilla is a fine, fine FTP program. It’s handy to have around.
The good news is that FileZilla supports the SFTP protocol. That’s perfect in most cases since if your server supports it you’re done – you already have a tool that you’re familiar with that you can use in this more secure way.
The bad news is that I was surprised to find that when you create a site profile in FileZilla’s site manager so that it remembers your login specifics – it remembers the password. In plain text. On your machine. (Check out the contents of %APPDATA%/FileZilla\sitemanager.xml.) So someone who gains access to your machine could in fact grab that file and learn your (s)ftp passwords.
The solution is to ensure the physical security of your machine as well as making sure that you never ever get any malware.
Well, either that or as you’ve pointed out never have FileZilla remember passwords for you.