Disable FTP clear/plain text authentication

Written by Jacob Nicholson

If you've read our previous article on how to pass PCI compliance scans, you might notice that you failed a PCI scan due to FTP clear/plain text authentication being used. In this article we'll discuss disabling FTP clear/plain text authentication.

By default when you establish an FTP connection to the server, your credentials are passed to the server as clear/plain text. What this can mean is that if someone was sniffing the network traffic from your computer to the server because you were on a open WiFi network for instance, they could potentially compromise your account. So requiring an encrypted connection instead of a clear/plain text one can help protect your account against this.

It's important to note that this change would require you having root access on your VPS or dedicated server, as this is an advanced setting and the default can't be changed on our shared servers.

  1. Log into WHM.
  2. In the top-left Find box enter in ftp, then click on FTP Server Configuration.
    whm-click-on-ftp-server-configuration
  3. In the TLS Encryption Support drop-down, select Required (Command).
  4. Scroll to the bottom of the page and click on Save.

You should now know how to disable FTP clear/plain text authentication on your server. Now that you know how to disable this you'll also more than likely want to learn about securely connecting to your website using an FTP client as well.

Like this Article?

Login to comment.

Support Center Login

Your Opinion Matters

... but we need to know what you're thinking!

I'm Jacob Nicholson, your friendly Community Support technician, and I wrote the article you're looking at now. I like to think it's perfect, but I'm sure you have some suggestions. Please, let me know what they are!

Feedback
Your Email Address
Because we'd like to talk with you!

Latest Questions

If you need some help, submit your question to our Community!
We guarantee a response within 60 minutes (8am - 9pm EST, Monday - Friday)
Ask a Question!
Recent Questions
  1. The best way to setup an external MS exchange server as the main mail server with inmotion hosting as the backup mail?
  2. Can I create a website on another website (e.g. Wix) and have it hosted on my inmotion domain?
  3. Why can't I see my updated web files on my website?
Browse other questions

Need more Help?

Search

Ask the Community!

Get help with your questions from our community of like-minded hosting users and InMotion Hosting Staff.

Current Customers

Chat: Click to Chat Now E-mail: support@InMotionHosting.com
Call: 888-321-HOST (4678) Ticket: Submit a Support Ticket

Not a Customer?

Get web hosting from a company that is here to help. Sign up today!