What's FTP (File Transfer Protocol) and how does it work?
FTP stands for File Transfer Protocol. It is a protocol used to transfer files between an FTP host or server and the client computer. FTP is most commonly used to download files from servers on the Internet. It is an alternative to the HTTP protocol for downloading and uploading files to servers.
The history of FTP
In the early days of computing, complex sets of commands had to be learned to use the Internet. FTP, invented in the early 1970s, established a standard protocol for transferring files between systems.
FTP protocols used for the Internet standard were drafted by the Internet Engineering Task Force committee as a series of RFC (Request for Comments) formal documents. In 1971 the FTP protocol RFC 114 was published. Over the years the document was revised with newer versions making changes to improve the FTP protocol. RFC 959 was published in 1985, which became the current standard specification. The RFC document is still being amended to date, with revisions to improve the security of FTP and adding support for newer technologies.
FTP is used for:
- Uploading web pages to web servers for publishing on the Internet
- Browsing and downloading files from public software sites
- Transferring large files among two parties that are too large for email attachments
- Downloading and uploading content like university’s assignments via an FTP server
- Distributing the latest revisions of programs by software developers
Basics Functions and Terms of FTP
To use FTP, you will need FTP client software and an FTP server. You also need to know the server address, the username, and a password and port number. The basic information you need in order to log in successfully follows:
FTP Host: IP address or URL
FTP Port: 21 (unsecured) or 22 (secured)
FTP Username: ftpuser
FTP Password: thisispassword!
PORT is the COMMAND port number you are using to connect to the server. The most common port number is port 21.
Transfer Modes – Passive and Active
In passive mode connections, the FTP client initiates the connections to the command port and data port to the host server. This is the preferred mode in most FTP clients as well as the default FTP setting in SyncBackPro as the client’s firewall will allow outgoing connections to the server.
The FTP client first establishes the connection by opening a port (random port, X>1023) locally and connecting to Port 21 of the server. The client then opens another port X+1 and sends out the PASV command to notify the server it is in passive mode.
The server will respond by specified listening port and acknowledges the client by sending out P to it. Then the client initiates the connection from port X+1 to the server’s port Y for data transferring.
In active mode, the FTP client initiates the connection by connecting to the server’s command port Port 21). The client then opens a listening data port and sends the command PORT to the server. The server, using Port 20, will initiate the connection to the specified data port on the FTP client.
The problem with this is that the client simply tells the server which data port it is listening to and the server is the one making the connection to the client. Thus to the client’s firewall, it appears that an external system is trying to make a connection to an internal system. This causes the firewall to block this connection unless it was configured beforehand to allow it.
An encrypted connection secures the data while it is transferred between systems. FTP connections are usually not encrypted but some FTP servers may require or offer an encrypted connection. The types of encryption are:
- Implicit SSL – Only SSL supported clients are allowed access. Secured communication is setup from the beginning of the connection. Server and client do not transmit clear text during the session. Default SSL port is 990.
- Explicit SSL – A mix of non-secure and secure clients are allowed.
- Unencrypted FTP connection are established but can be upgraded to a secure connection when sensitive data are requested for sending.
- SFTP – SFTP stands for Secure FTP. It uses secure shell connection (SSH) and requires encrypted public key authentication. Files are transferred between computers over a SSH secure data stream.
The main reason to use the FTP
- It allows you to transfer multiple files and folders.
- When the connection is lost then it has the ability to resume the transfer.
- There is no limitation on the size of the file to be transferred. The browsers allow a transfer of only up to 2 GB.
- Many FTP clients like FileZilla have the ability to schedule the transfers.
- The data transfer is faster than HTTP.
- The items that are to be uploaded or downloaded are added to the ‘queue’. The FTP client can add items to the ‘queue’.
FTP has been around for a long time and while its popularity has decreased since the introduction of cloud services, it is still commonly used by administrators for file uploads to the web server, file data transfer, remote backup and backups to FTP servers.