Welcome Guest. Please Login or Register  
Client Area  |  Softaculous Cloud  |  Calendar  |  Quick Links  |  
   


You are here: Index > Webuzo > Suggestions > Topic : Secure FTP by default



Normal Mode | Print  

 Secure FTP by default (1 Replies, Read 3235 times)
optsoft
December 30, 2013, 5:24 pm
Group: Member
Post Group: Newbie
Posts: 38
Status:
Hi,
Feature request for upcoming version(s):

Make the FTP account setup use SFTP by default.

This will ensure that users dont type their main Webuzo password in plaintext when using tools like CuteFTP on Windows or FileZilla on Linux / Windows.

This is an important security upgrade for Webuzo although it is not obvious that this could be a valid attack vector - FTP passwords being monitored over Wi-Fi is not something you might normally think of when making a server administration package :-)

Given that any credentials being sent unencrypted on the internet is risky nowadays, this seems important to me.

An alternative would be to force users to create a new FTP account by not allowing the main webuzo user account to login into FTP - this however does not prevent the password being sent across a couple of times till the Webuzo user is convinced that indeed he needs to make a new FTP user.

This can surely be considered to be doing extra work to cover up for lack of user's security awareness, but ultimately a good software is that which does not allow a user to break things, no?

Thanks & regards
/optsoft
IP: --   


Threads
 optsoft   Secure FTP by default (1 Replies, Read 3235 times)
    |--  valley   Thanks for the...   on December 31, 2013, 4:56 am

« Previous    Next »

Normal Mode | Print  



Users viewing this topic
1 guests, 0 users.


All times are GMT. The time now is May 3, 2024, 12:11 am.

  Powered By AEF 1.0.8 © 2007-2008 Electron Inc.Queries: 11  |  Page Created In:0.166