File Transfer Protocol (FTP) is a standard network protocol used for transferring files over the internet. It allows users to upload and download files to and from a server. FTP has been around since the early days of the internet and remains a popular way to transfer files.
FTP is a client-server protocol, which means that there is a client software that runs on the user's computer and a server software that runs on a remote computer. The client software can be a standalone program or a built-in feature of a web browser. The server software is typically provided by a web hosting company or an organization that wants to make files available for download.
FTP works by establishing a connection between the client and server, and then transferring files over that connection. The connection can be either a data connection or a control connection, or both. The control connection is used to send commands and responses between the client and server, while the data connection is used to transfer the actual files.
There are two modes of FTP that determine how the data connection is established: active mode and passive mode.
-
Active mode FTP is the original FTP mode and is still widely used. In active mode, the client initiates the data connection to the server by specifying an IP address and port number. The server then establishes the connection and sends data to the client. Active mode can sometimes cause problems when the client is behind a firewall or NAT (Network Address Translation) device, as the firewall or NAT may block the incoming data connection.
-
Passive mode FTP was introduced as a workaround for the problems caused by active mode. In passive mode, the server opens a port and listens for the client to connect. The client initiates the data connection to the server, and the server sends data to the client. Passive mode is often used when the client is behind a firewall or NAT device because it allows the client to establish the data connection to the server.
FTP can also be used with different security protocols, including:
-
FTPS (File Transfer Protocol over SSL/TLS) is a secure version of FTP that uses SSL/TLS encryption to protect data during transfer. FTPS can operate in either implicit or explicit mode.
-
Implicit FTPS uses SSL/TLS encryption to establish a secure connection right from the start of the connection, and the client is required to use SSL/TLS from the beginning of the session. Implicit FTPS uses port 990 by default.
-
Explicit FTPS also uses SSL/TLS encryption to secure the connection, but the encryption is only enabled after the client requests it. The client initiates an unencrypted connection on port 21, and then explicitly requests a secure SSL/TLS connection. Explicit FTPS uses port 21 by default, just like regular FTP.
-
SFTP (Secure File Transfer Protocol) is a secure file transfer protocol that uses the Secure Shell (SSH) protocol for authentication and data encryption. SFTP is a completely different protocol from FTP and FTPS, and operates over TCP port 22, the naming of SFTP can easily be confused if you think of this as Secure FTP but it should be noted Secure FTP is normally shown as FTPS.
In summary, FTP is a standard protocol that is widely used for transferring files over the internet. It has two modes, active and passive, that determine how the data connection is established. Additionally, in recent years everyone has become more security conscious and to protect data when being transmitted the adoption of FTPS is now the default by many hosts, in many cases this is just a simple change in your software if it's supported, any modern software should support FTPS.