|Ocean FTP Server
Help, configuration and tips.
Tutorial: Important Security Considerations
This pages contains useful information on how to ensure your FTP server remains secure. For more detailed information on what each option of the 'Security' dialog performs please read the Security section.
FTP Server Security
There are quite a number of things that can be done to enhance the security of your FTP server. Firstly, you can prevent potentially dangerous file types such as 'exe', 'pif', 'scr', 'com' and 'bat' from being allowed onto the server. A very important security improvement is to limit access to your important accounts by restricting the IPs in which access is allowed. If you intend to keep the FTP server private, you could also change the listening ports to non-standard values, effectively hiding your FTP server. In particular, Remote Admin should be set to a non-standard port to help protect your system from users trying to gain access by guessing your password. Finally, making good use of the built in security features such as Anti-Hammering, SSL and the others will help ensure your files are secured.
Ocean FTP Server contains many advanced features which are intended to make the software flexible. However, in a lot of cases, some are not required. We recommend that to ensure security is at its best, you disable services which are not used (e.g. if you don't use Remote Admin or Site to Site transfers then disable them). With fewer services running, there are less portals for hackers to attempt a break in. This does not only apply to our FTP server though, other services such as web servers, mail servers, windows file sharing and others can also be streamlined. If your computer is just an FTP server, then that is all that is required.
As well as limiting the services that you run on your server, it is also a good idea to use a firewall to restrict access to only the ports that your require. This way you can help protect yourself against exploits in Windows, exploits in other software and also block out services which may be running that you are not aware of. You should always build your security by first building a 'brick wall' (firewall) around your server, then letting through just the services you want as and when they are needed.