What is the difference between FTP and FTPs and SFTP?

The title protocols are very often used by page creators when making modifications to files and for example when moving pages. It is worth to learn the differences between them in order to avoid security problems with the website.

Using FTP protocol has one serious flaw – the data sent with this protocol is unencrypted. This means that you can preview the content of packets sent to the server, including packets containing our FTP login and password. Therefore, when using FTP protocol there is a real risk of leakage of our access data to the server.

Therefore, it is much safer to use FTPs (FTP Secure and FTP-SSL) – it works as an FTP protocol with the difference that the sent packets are encrypted. Thanks to this, suspicion of data sent in packets is very difficult or even impossible.

FTPs is often confused with SFTP (SSH File Transfer Protocol) – in fact, these are two completely different types of communication, the common part of which is packet encryption.

SFTP works like an SSH connection to a server. The advantage of SFTP is the ability to use public keys instead of passwords for authentication. This allows us to use our key instead of multiple passwords for different servers.

These protocols also differ in the port used:

• FTP uses port 21,
• FTPs uses port 21 or 990,
• SFTP uses port 22.

The ports used for communication may differ from the above – server administrators sometimes change them for security reasons.

If possible, avoid using FTP to transfer files – use encrypted alternatives such as FTPs or SFTP instead.