SFTP vs Other methods

[iLLuSi0nS]

I cannot connect to my server via SFTP because of firewall restrictions,
how insecure is regular FTP? If someone was sniffing port 21 would they be able to intercept my information very easily (mostly my user and pass)?

How do you guys connect to your server when using Dreamweaver?
Anyone use cpanels "Web Disk" aka "Local/Network" or webdav?

 

[sparek-3]

Somebody else might have better knowledge of this than me.

I use FTP over explicit TLS (I believe that is the setting in FileZilla). This encrypts the login section of FTP, but does not encrypt the actual data.

This is generally good enough, though I guess it depends on what you are uploading. If you are uploading just plain HTML documents, then there's really no advantage to uploading it over unencrypted means because HTML that is accessible on the web can be read by anyone anyway.

In my opinion, and this is straying off-topic a little, I think a new FTP or FTP-like standard needs to be written for secure transfers. I'm not sure what the answer is. SFTP is nice, don't get me wrong, but I just think it is wrong to depend on an application that has to piggy-back on another application (SSH). This isn't a cPanel problem, its more of an industry problem that I believe needs to be addressed.

 

[chirpy]

I agree. It's a pretty major restriction for FTP.

If you're connecting from a static IP address, you could always whitelist it in your firewall to allow the connections through for FTP over SSL/TLS.

Just a note: SFTP is FTP over SSH; FTPS is FTP over SSL/TLS - different protocols and access methods