cPanel & WHM Version 98 has been released, and brings a slew of great updates. Take a look at what is included, and then upgrade today!
This object is in archive! 

Better FTP Configuration Instructions

myusername shared this idea 8 years ago
Open Discussion

The current FTP Connection Settings instructions in cPanel mention SFTP even when SFTP is not possible because of shell being disabled.


There is no mention of TLS connection settings even when Service Configuration » FTP Server Configuration has it optional or required in the TLS Encryption Support field.


This leads many users into a confused state and if they try SFTP too many times they may end up getting blocked if certain firewalls are used or annoyed that they cannot connect at the very least, which will result in a trouble ticket to the hosts support desk in most if not all cases where a user has found these instructions.


The system should not offer SFTP options if an account has no shell, and it should offer TLS options if TLP is allowed or required.


New configuration files should also be made available for TLS.

Replies (1)

photo
1

I'd like to add a few enhancements to the above:


The configuration files and instructions should display the correct FTP host if the TLS option is required by server admin's settings in Service Configuration » FTP Server Configuration. (Server's primary hostname NOT domain.com)


If this setting is disabled or optional, then similar rules should apply where, the configuration files and instructions should display the correct

FTP host if the TLS option is not selected by the user (even though available) or disabled by admin in Service Configuration » FTP Server Configuration. In this case FTP host would simply be ftp.domain.com or domain.com not the server's hostname.


If TLS is selected by the user (if admin has made it an option), and a self-signed SSL is installed, or the CA-signed SSL is expired, the instructions should tell the user about the security exception they are required to accept in their FTP application.

This could be made possible (using existing cPanel/WHM functions) when the system detects a self-signed or expired SSL (As it's done in "Service Configuration »Manage Service SSL Certificates)

else, no warning/instructions should be necessary for the user in regards to "SSL certificate exception."

Leave a Comment
 
Attach a file