Better FTP security with Windows 2008 and IIS 7

On October 16, 2008, in How-to, Technical, by Frank Cheung

With Windows 2008 and our new control panel enhancements you can upload your files more securely than ever. In the past, FTP data was transmitted as plain text. Since the transmission is unencrypted and insecure, a hacker can potentially intercept your data while you are uploading.

With IIS 7.0, Microsoft introduced FTP over SSL. This works similar to the way HTTPS works. When you FTP using FTP over SSL, the data transmission is encrypted with a SSL certificate.

To further enhance security, we recently introduced a Control Panel feature that allows you to “blacklist” or “whitelist” certain IP addresses. Using this tool you can prevent or allow FTP connections from specific IP addresses.

If your site contains sensitive materials and you wish to secure FTP access, I would recommend doing the following;

  1. In your DiscountASP.NET Control Panel, change the default FTP access to “deny all.” See this KB article for details.
  2. Add your computer’s IP address to the whitelist address list. If you don’t know your IP address, you can use http://whatismyip.com (note that for most broadband connections your IP is subject to change whenever your modem is restarted, or your network goes offline for some other reason).
  3. Use FTP over SSL to upload. We have a few KB articles that demonstrate how to use FTP over SSL for some popular FTP programs.

By following these steps you ensure that only computers on your network can connect to your site.

Frank Cheung
CTO

Tagged with:  

Leave a Reply

iBlog by PageLines