The Hostway Blog

Securing Your Web Site Launch

Security issues are top-of-mind for today's entrepreneurs wanting to use their Web site to communicate with or sell to online customers. Secure file transfer protocol (SFTP) ensures that the relatively simple process of uploading your website to the Internet does not result in attacks by spammers or other nasty Internet drones.

File Transfers

Getting your beautifully crafted Web content to appear on your Web site usually involves the use of a file transfer protocol or FTP. This is often the first time a new businessperson becomes aware of file transfer technologies. FTP is a very stable protocol but it has the disadvantage of a clear vulnerability to packet sniffers. SFTP is a more modern and secure way to accomplish the same task.

Packet Sniffers

These little programs can analyze the content of every piece of information flowing over a network and pull out email addresses, passwords and any other content flagged by the initiator. They are useful for people monitoring use of their network, for programmers who are debugging and for criminals looking for information to use or sell.

Advantages of SFTP

There is no way to encrypt text sent via FTP because it was developed before file transfer security became an issue. All information is sent in a readable form—including the login name and password that the person uploading Web site files is using to access their Web server. This is partly why SFTP was developed by the Internet Engineering Task Force to use SSH encryption for the whole data stream. As SFTP has been around for a decade and is a free, open source piece of software, security loopholes have been addressed in successive versions.

Should FTP Ever Be Used?

Some Web developers still use the old FTP protocols to upload Web content, especially when uploading very large files or those with multiple graphics. However, every time they use FTP, their login name and password shoots out over the Internet, passing through multiple different network points, any one of which may be looking for this type of information in order to hack in to a Web hosting server.

Once they get in to your server, hackers could potentially compromise the security of all the data sent through your Web site, and the data of anyone else using the same Web host. They can also start spamming in earnest, creating huge amounts of traffic and storage needs that can cause the server to slow down or even stop completely. SFTP is the file transfer tool of choice as the "arms race" between Internet security professionals and hackers continues.