With the rise of security risks on Websites that process credit cards, some PCI compliance companies, like Trustwave are requiring FTP to be shut off and a different method of uploading and downloading files be used. In order to accommodate these PCI compliance requirements, you can use SFTP or SCP to copy files from your local computer to your server.
What is SFTP and SCP?
SFTP is SSH File Transfer Protocol, Secure File Transfer Protocol, or Secure FTP. An SFTP connection uses port 22 through the command line or another SFTP client. SFTP connects securely so the data is encrypted over the network. You can restrict certain IP addresses and allow certain IP addresses making the SSH port 22 open only to specific users.
SCP is Secure copy based off of the Secure Shell Protocol (SSH). SCP is a Secure connection over port 22 that allows only certain IP addresses to access the server the same as SFTP.
Why would I want to use SCP and SFTP?
If you are running a website that requires credit card payment transactions, you will need to follow PCI compliance standards. This is to ensure that the site will not be compromised by hackers trying to steal personal information. Website owners run PCI compliance scans on their server to find any potential risks to website attacks. When the server fails to pass the PCI scan due to FTP port 21 being open, the web developer is forced to use a different method to upload and download files from the server. This is where SCP and SFTP come in. SFTP and SCP allow the developer to connect to your server on a secure connection.
How do I connect / use SCP and SFTP?
You can use SSH Secure Shell, PuTTy, FileZilla or another program to connect to your server using SFTP. WinSCP can connect to your server using SCP protocol. You can even use some HTML editors to connect with SFTP like DreamWeaver.
Connecting with SFTP with FileZilla
- Open FileZilla.
- Click the site manager button at the top right of the FileZilla client.
- Set your connection to the following settings, but keep in mind for the Host option you could also use your server’s IP address or your server’s hostname (this can be viewed in AMP).
Protocol: SFTP (SSH File transfer Protocol)
Logon type: Normal
User: The cPanel username
Password: The cPanel password Account: Leave blankImportant! You must have your local IP address added to your server Firewall through the WHM.
- Click the Connect button.
Connecting with SCP with WinSCP
- Open WinSCP.
- Set your connection to the following settings.
Host name: your-server.com (you could also use your server’s IP address or your server’s hostname (this can be viewed in AMP).)
Port number: 22
File Protocol: SCP
User name: The cPanel username
Password: cPanel passwordImportant! You must have your local IP address added to your server Firewall through the WHM.
- Click the Login button.
Congratulations, now you know how to connect to your server with SCP and SFTP. Check out our VPS Security guide to learn how to harden your server security.