I’m running Pro; I need to secure the FTP for PCI Compliance; I have many sites on a shared IP and one site with an SSL cert; its only the one site I need to change; but its fine to change them all.
Any users should be able to use SFTP, so long as they have a valid shell. You wouldn’t need to do anything with SSL in order for that to work.
By default, FTP was setup as clear text; in cPanel (not to bring that up) it had an option to use FTPS (FTP over SSL/TLS), this was to make it PCI compliant; I was wondering if you have a setting like that.
Can you add instructions at the FAQ page for PCI compliant on how to setup ProFTP to use FTPS (FTP over SSL/TLS); it would help; since they are requiring it.
No, there isn’t a setting for that; I’ll look into how to set that up and work on adding that to the docs.
SFTP is a good way to handle that, but you’re correct that adding SSL certs to FTP should also provide a secure way of transferring files.
I just wanted to kick this up, I saw when I generated the SSL Certificates they are not added to the proftpd directory, correct?
Is there a manual available how to setup FTPS?
Roger, in case you didn’t see my how to, see: