Connecting with SCP and SFTPWritten by James Richardson
With the rise of security risks on Websites that process credit cards, some PCI compliance companies, like Trustwave are requiring FTP to be shut off and a different method of uploading and downloading files be used. In order to accommodate these PCI compliance requirements, you can use SFTP or SCP to copy files from your local computer to your server.
What is SFTP and SCP?
SFTP is SSH File Transfer Protocol, Secure File Transfer Protocol, or Secure FTP. An SFTP connection uses port 22 through the command line or another SFTP client. SFTP connects securely so the data is encrypted over the network. You can restrict certain IP addresses and allow certain IP addresses making the SSH port 22 open only to specific users.
SCP is Secure copy based off of the Secure Shell Protocol (SSH). SCP is a Secure connection over port 22 that allows only certain IP addresses to access the server the same as SFTP.
Why would I want to use SCP and SFTP?
If you are running a website that requires credit card payment transactions, you will need to follow PCI compliance standards. This is to ensure that the site will not be compromised by hackers trying to steal personal information. Website owners run PCI compliance scans on their server to find any potential risks to website attacks. When the server fails to pass the PCI scan due to FTP port 21 being open, the web developer is forced to use a different method to upload and download files from the server. This is where SCP and SFTP come in. SFTP and SCP allow the developer to connect to your server on a secure connection.
What hosting accounts support SCP and SFTP?
The only servers that allow a developer to connect using SFTP or SCP are VPS and Dedicated servers. Shared servers do not have SSH access, so if you fail a PCI scan for FTP being accessible, you will need to upgrade to a VPS or Dedicated to be able to use SCP or SFTP.
How do I connect / use SCP and SFTP?
You can use SSH Secure Shell, PuTTy, FileZilla or another program to connect to your server using SFTP. WinSCP can connect to your server using SCP protocol. You can even use some HTML editors to connect with SFTP like DreamWeaver.
Connecting with SFTP with FileZilla
- Open FileZilla.
- Click the site manager button at the top right of the FileZilla client.
- Set your connection to the following settings.
Host: your-server.com Port: 22 Protocol: SFTP (SSH File transfer Protocol) Logon type: Normal User: The cPanel username Password: The cPanel password Account: Leave blank
Important! You must have your local IP address added to your server Firewall through the WHM.