Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

SFTP for ALL FTP accounts?

Discussion in 'Security' started by bbf, Mar 20, 2013.

  1. bbf

    bbf Member

    Feb 21, 2008
    Likes Received:
    Trophy Points:
    FTP sub-accounts (cPanel --> FTP Accounts --> Create)

    According to a bunch of old posts, these sub-accounts cannot use SFTP. They can only use FTP. Plain-text FTP is susceptible to sniffing and is a security liability.

    (A few years ago my PC "caught" malware that sniffed my FTP credentials and then used a bot to insert javascipt onto EVERY single page of EVERY single one of my websites that I had logged in to; even with auto-updating virus scanner and spyware scanners and updated Windows, this thing got through and silently collected all my FTP activity for weeks. SFTP would have nullified the sniffing.)

    "A feature that forces passwords to be transmitted in clear test seems foolish. If users choose to be foolish on their own, so be it. But forcing users to be foolish is another story."

    If optional SFTP for all FTP accounts is something you'd like to see in a future cPanel release, please vote on the cPanel features community:
    SFTP access for virtual FTP users | cPanel Feature Requests

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice