FTP / SFTP Guide for Beginners

Disclosure: HostScore is reader-supported. When you purchase through our links, we may earn a commission.

What is a File Transfer Protocol (FTP)?

FTP is a standard network protocol used to transfer files from one host to another over a TCP-based network, such as the Internet. FTP works on a client-server model where files are transferred between a client and a server.

FTP uses two separate channels for communication: a command (or control) channel for transmitting commands and responses, and a data channel for transferring files. It lacks built-in security for transferring files, as data is transmitted unencrypted, making it susceptible to interception and attack.

FTP been around since 1971, making it one of the first protocols developed for this purpose.

What is a Secure File Transfer Protocol (SFTP)?

SFTP, on the other hand, is a secure version of FTP that operates over the Secure Shell (SSH) protocol to ensure that both commands and data are encrypted. This makes it much more secure against network eavesdropping and data theft.

Unlike FTP, SFTP uses a single connection for both commands and data transfer, which simplifies the setup and reduces the chance of issues with firewalls and port forwarding. It also supports advanced features like file access, file transfer, and file management functionality securely over any reliable data stream.

How FTP and SFTP Work?

FTP transfers files using separate control and data connections, often without encryption, while SFTP securely transfers files over a single, encrypted SSH connection. Both FTP and SFTP are client-server protocols and they rely on communication channels between the client and the server.

FTP for Dummies – How FTP Works?

FTP can operates in active and passive mode.
FTP can operate in active and passive modes. (Source)

FTP works on a client-server architecture and uses separate control and data connections. FTP users may authenticate themselves with a clear-text sign-in protocol (generally a username and password). However, some servers do allow anonymous connections.

FTP can operate in the active (the default) and passive modes. In the active mode, the FTP client connects from its port 20 to the server’s port 21. In passive mode, both ports are open for communication. Your network firewall needs proper configuration so that both active and passive modes will function properly.

SFTP for Dummies – How SFTP Works?

How SFTP works?
How SFTP works (Source)

SFTP is separate and usually packaged with SSH that similarly works over a secure connection. The critical difference is that SFTP adds encryption to both credentials and the data itself. SFTP is not to be confused with FTPS, which is FTP run over SSL, a security layer different from SSH.

FTP vs SFTP: What’s the Difference?

Here’s a comparative table outlining the main differences between FTP vs SFTP:

FeatureFTPSFTP
ProtocolStandard network protocol for file transferSecure version of FTP that uses SSH
SecurityNo encryption; data is vulnerableAll data is encrypted
PortTypically uses TCP port 21Usually runs on TCP port 22
AuthenticationSupports anonymous access and username/passwordRequires valid SSH credentials
Data TransferTransfers data and commands over separate channelsTransfers data and commands over a single, secure connection
FirewallRequires multiple ports to be opened on firewallOnly needs one port open on the firewall
PerformanceCan be faster due to lack of encryptionSlightly slower due to encryption overhead
Ease of UseWidely supported by many hosting servicesRequires SSH access and setup
ComplianceNot suitable for compliant environments due to lack of securityOften required for compliance with standards like HIPAA, GDPR, etc.

How to Use FTP / SFTP for Your Website?

While you can run FTP and SFTP from a command-line interface, using an FTP Client application is much more convenient. There are many suitable FTP applications around. My preferred choice is Filezilla, available since 2001, is free, and works on most platforms.

1. Using the Filezilla FTP Application

Filezilla offers a familiar interface for Windows users.
Filezilla offers a familiar interface for Windows users.

Head to the Filezilla website and download the version you need. There are separate installers for different platforms. Once downloaded, you can launch the installation file and follow the instructions. Be aware that it will try to get you to install some bloatware – but you can decline the offer.

Next, launch the application.

For most connections, you’ll need to enter three pieces of information:

  1. Host,
  2. Username, and
  3. Password.

Your web host usually provides these. If you have a web hosting account, your web host will give these settings to you in an email or online via the web hosting control panel. 

Connect to a Server

You may need to create a new FTP user if this is the first time using FTP with your account. If you’re connecting to a server that isn’t under your control, you’ll need to contact the server administrator.

If you have an SFTP connection instead of an FTP connection, Fill out your Host and Username as described above. Enter either your Password (if applicable) or “none” for the Password. Next, hit the “Connect” button. 

The main display area is split into two parts. One the left is your local machine, and on the right is the remote server. The display panels are almost identical to the Windows file manager. Drag and drop anything you want to move to or from your web server.

2. FTP by Command Line

Even if you don’t wish to use a dedicated FTP application like Filezilla, you’ll need a medium to connect to your server.

Windows

For example, in Windows, you can use the FTP instruction from the command line by typing:

ftp <hostname / IP address>

Mac

On a Mac, you can use the built-in FTP application.

  1. Click on your Finder icon,
  2. Select “Go,” then “Connect to Server.”
  3. Enter the server address and
  4. Click “Connect.”

Regardless of the method chosen, you will need to enter your username and password to complete the connection.

Cyberduck

If you aren’t happy with the default Mac FTP application, there are others you can download and install. I recommend Forklift or CyberDuck.

Basic Commands

After the connection, though, things get more complicated. As with all command-line interfaces, a good memory is a must. Here are some basic commands to start off with:

Uploading files – ftp> put filename
Display current directory – pwd
Changing directory – cd <directory name>
List directory content – ls
Download all HTML files – mget *.html
End connection – close
Reconnnect to a server – open ftp.<servername / IP address>

Final Thoughts – FTP / SFTP Explained

Basic FTP commands can be helpful if you’re creating scripts that update your website or need to transfer large groups of files. However, unless you’re opposed to installing new applications, I highly recommend using an FTP application over command instructions.


More from HostScore

Estimate Your Cost

How much should you pay for your web hosting? Planning your website budget?

Tell us about your website and we'll help estimate how much you need to pay for your web host for the next 12 months.

HostScore Calculator (Free)

Article by Jerry Low

Jerry Low has immersed himself in web technologies for over a decade and has built many successful sites from scratch. He is a self-professed geek who has made it his life’s ambition to keep the web hosting industry honest. For latest personal updates and news, follow Jerry on Facebook and Twitter.
Photo of author