FTP (File Transfer Protocol) is employed to transfer information and is very used in website creation. It enables to transfer data from your computer to your server/hosting account.
This means that if you plan on building a website, you inevitably use some form of FTP to transfer your site on the server. So, it´s a very useful thing to know about.
The problem about FTP is that the data authentication and transfer is undergone without any type of encrypting. This means that anyone could take your information and the server access credentials.
But don´t worry, FTP has various forms that ensure more safety than the original, the main ones are FTPS and FTPES:
What is FTPS?
File Transfer Protocol Secure (FTPS) is a more secure form of FTP. It´s just normal FTP but with added security protocols for more data security. These protocols are usually TLS and SSL which encrypt your login info to ensure your information goes from A to B with no surprises along the way.
What is FTPES?
It´s also known as Explicit FTPS because at the end of the day, it´s another version of FTPS. With the difference that it connects to your hosting account explicitly (FTPS does it implicitly).
Keeping it short and simple, it only changes how the information is encrypted.
Thanks to this protocol, all new communications with the FTP server will be encrypted and the integrity of the information transferred will be checked. This will ensure that our data hasn´t been modified or touched in its journey.
Another point to add is that with servers that use FTPES, you´ll have to open the control port you configured and FTP PASV ports so that you don´t have problems with the NAT.
What is SFTP?
It stands for SSH File Transfer Protocol. Unlike FTPs and FTPES, it has nothing to do with FTP protocol. It´s mainly used for transferring big files from one point to another.
It´s based on SSH protocol. This means that SFTP lets us authenticate and transfer files just as the FTPES but using SSH encrypting.
If you plan on using the SFTP protocol remember, it depends on the SSH server, not the FTP. This means that you´ll have to set up your access to SSH.
Is FTPES safer than SFTP?
Now a days, FTPES protocol is the most used in data transferring because it´s the safest option. Another reason is that with the use of NAT, a FTPS server with LAN connection could suffer connection errors.
SFTP is mostly used to transfer files on to dedicated servers or VPS because it´s better at transferring heavy files and it can do it as safely than other FTP protocols.
Both SFTP and FTPES protocols are safe, the difference is in the encryption protocol they´re based on. FTPES uses TLS (Transport Layer Security) while SFTP uses SSH protocol.
Although they both do a good job at encrypting your information, at a high level these encryption protocols serve a better use depending on what you want them for. For example, if you want to connect to a website server securely and manage your site from there, then use SFTP. But if you want to interact with your site and submit data, your server will use TLS.
