What FTP connection settings should I be using?
This is an FTP settings / configuration reference guide. When connecting to a Websavers server to upload or download files there are two supported mechanisms: FTPS and SFTP. Standard FTP is no longer accepted by any of our servers due to the security issues inherent in the File Transfer Protocol (passwords are sent in the clear, with no encryption, making them easy to steal).
Connecting with FTPS or SFTP
To connect to a Websavers server you must use FTP with TLS/SSL on port 21. (Not Implicit SSL on port 990 - this will not work) If you're provided the option to choose SSL or TLS on port 21 (rather than both), choose TLS.
- Protocol: FTPS or FTP with TLS/SSL
- Host / Server: use the server's hostname. This is shown in the Client Centre after you click Settings beside your hosting plan. If the domain is pointed to Websavers, you may alternately use ftp.yourdomain.com or just yourdomain.com*
- Port: 21
- Encryption: Explicit FTP over TLS
- Connection Type / Transfer Mode: Passive or PASV Mode (not PORT or Active)
- Username: This is shown in Plesk under "Web Hosting Access" for your primary FTP account or under "FTP Accounts" for any additional accounts you have created (You may need to click the "Hosting & DNS" tab to see these options).
- Password: This will be found in the client centre after you click to view your hosting plan. You can also reset in Plesk under "Web Hosting Access" or "FTP Accounts"
FileZilla Example: Choose "Site Manager" under the File menu. Add a new site and under the General tab, fill out the Host, Port, Protocol, Username and Password according to the info above. Under "Transfer Settings" tab, be sure to select "Passive" as your Transfer Mode. You may also wish to limit the number of simultaneous connections to 3 or less. Click Connect to connect to the server.
FTPS behaves exactly the same as FTP, however it will ensure that when you submit your username and password to the server, the password is fully encrypted end-to-end such that nobody can 'listen in' or sniff the connection to obtain your password.
Connecting with SFTP
SFTP is a very different protocol when compared to FTP. It uses a SSH (Secure SHell) tunnel to secure your entire connection to the server. It then invokes the "sftp-server" server-side to handle your uploads, downloads, directory listings, etc. You can only connect via SFTP when using your "System User" account in Plesk -- this is the one shown under "Web Hosting Access" (possibly under the Hosting & DNS tab). Your standard "FTP Accounts" cannot use SFTP to connect; they must use FTPS instead.
- Protocol: SFTP
- Port: 22
- Host / Server, username, password: same as above in the FTP/FTPS section
If the SFTP connection fails, it's because Access to the Server over SSH is not enabled in Plesk. This can be corrected by logging in to Plesk and choosing "Web Hosting Access". Below the password fields, look for "Access to the server over SSH" and set the value to "/bin/bash (chrooted)". Click OK. You should now be able to connect via SFTP.
If you are unable to connect after setting everything according to what is shown above in either the FTPS or SFTP section, please send us your transcription log for analysis. The information in your transcription or message log will tell us exactly why you are unable to connect successfully. In FileZilla your transcription log should be at the top of the window and will contain a long list of commands and responses from the server that you probably can't read easily. If you do not see it there, go to the View menu and Select "Message Log" to show it. Copy and paste the contents of that log into your support ticket or paste it into a text file and attach it to your ticket.
* If you do not use the server hostname when connecting, you will receive a certificate error similar to: WARNING! ftp.[yourdomain] uses an invalid security certificate. The certificate is only valid for *.websavers.ca. This is normal and as long as it says it's only valid for *.websavers.ca then you're OK to proceed by accepting the certificate anyway. Remember to replace your own domain name rather than yourdomain.com. If you only just registered your domain, use the IP of the server temporarily as shown in the Client Centre under "Plan Details"
- 6 Users Found This Useful