• 3rd February 2010 - By seo-bliss

    FileZilla is used daily by millions of users to upload files to their servers by FTP. However, there are some security concerns with FileZilla, including the fact that FileZilla stores passwords in regular text files on your computer. In addition, by using regular FTP, any connection between your computer and your web server can be intercepted by a third party. In 2009, thousands of websites were hacked with stolen FTP credentials. To keep your site as secure as possible, it would be better to use secure FTP and never store any passwords within FileZilla.

    So how can you continue to use FileZilla for FTP and make it more secure?

    The first step is to set up FileZilla for secure FTP (sFTP), which uses SSH to send files back and forth. SSH uses port 22 by default, but you can add one more layer of security by using a port above 1024.

    To select a port above 1024 for SSH, log on to your server by SSH and edit the sshd_config file by entering the following command: vi /etc/ssh/sshd_config

    Hit “i” for insert mode and scroll to the line that says “Port 22” and change it to a number above 1024.

    Next, scroll to the line that says “Protocol”; make sure it says “Protocol 2”.

    Save the file (ESC, :w, :q)

    Restart sshd by entering /etc/init.d/sshd restart.
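
    The same edit can be scripted so that the file is backed up and checked before sshd restarts. This is an added example, not part of the original post; the function names and the sample port 2222 are assumptions, and apply_on_server is meant to be run as root on the server.

```shell
#!/bin/sh
# Added example: scripted form of the manual sshd_config edit.
# Function names and the sample port 2222 are illustrative assumptions.

# valid_port PORT: succeeds only for an integer from 1025 to 65535.
valid_port() {
    case "$1" in
        ''|*[!0-9]*|??????*) return 1 ;;
    esac
    [ "$1" -gt 1024 ] && [ "$1" -le 65535 ]
}

# harden_sshd_config FILE PORT: set "Port PORT" and "Protocol 2" in FILE,
# leaving the original in FILE.bak.
harden_sshd_config() {
    cfg=$1 port=$2
    valid_port "$port" || { echo "port must be 1025-65535" >&2; return 1; }
    [ -f "$cfg" ] || { echo "no such file: $cfg" >&2; return 1; }
    cp -p "$cfg" "$cfg.bak" || return 1
    sed -e "s/^[[:space:]]*#\{0,1\}[[:space:]]*Port[[:space:]]\{1,\}[0-9]\{1,\}[[:space:]]*\$/Port $port/" \
        -e "s/^[[:space:]]*#\{0,1\}[[:space:]]*Protocol[[:space:]]\{1,\}[0-9,]\{1,\}[[:space:]]*\$/Protocol 2/" \
        "$cfg.bak" > "$cfg" || return 1
    # No Port line at all in the file: append one.
    grep -q "^Port $port\$" "$cfg" || echo "Port $port" >> "$cfg"
}

# apply_on_server PORT: run as root on the server itself.
# sshd -t checks the edited file; on failure the backup is restored
# and sshd is not restarted, so a typo cannot lock you out.
apply_on_server() {
    cfg=/etc/ssh/sshd_config
    harden_sshd_config "$cfg" "$1" || return 1
    if sshd -t -f "$cfg"; then
        /etc/init.d/sshd restart
    else
        cp -p "$cfg.bak" "$cfg"
        return 1
    fi
}

# demo: run the edit on a constructed sample file and print the result.
demo() {
    sample=$(mktemp) || return 1
    printf '%s\n' '#Port 22' 'Protocol 2,1' 'PermitRootLogin no' > "$sample"
    harden_sshd_config "$sample" 2222 && cat "$sample"
    rm -f "$sample" "$sample.bak"
}
```

    Keep your current SSH session open and confirm that you can log in on the new port from a second session before disconnecting. Any firewall in front of the server must allow the new port as well.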

    Set up FileZilla by selecting sFTP, then entering your username and the newly chosen port number. Remember to have FileZilla ask for your password every time.

    You can prevent further unauthorized FTP access to your server by setting up a firewall and allowing FTP access only from your IP address.

    Using sFTP with your FTP client is a good way to keep your web server as secure as possible. sFTP is slightly slower than regular FTP, but it’s worth the extra time.
