How to set up Core FTP LE to use FTP over SSL

Windows 2008/IIS 7 and Windows 2012/IIS 8 allow a secure FTP connection via FTP over SSL. Note that this is not the same as SFTP (FTP via SSH), so you may have to experiment a bit with your FTP client settings to get a secure connection. Our tests were successful with the following:
  1. In the top left hand corner of the window (click "File > Connect").
  2. In the "Site Manager" window, click the "New Site" button.
  3. In the "Site Name" box, enter your domain name.
  4. In the "Host/IP/URL" box, enter your domain name or your alternative FTP address. Your alternative FTP address can be found in Control Panel under "Account Info/Edit".
  5. In the "Username" box, enter your FTP username. If you are using the primary user, your FTP username can be found in Control Panel under "Account Info/Edit". For accounts hosted on our Windows Server 2008/IIS 7 and 2012/IIS 8 environments, the FTP user name requires a specific format. Please note that you will need to include the number, the pipe character and your user name.
  6. In the "Password" box, enter the password for the FTP user. If you are using the primary user, the password is the same as your Control Panel password.
  7. In the "Port" box, make sure it is set to "21".
  8. The number in the "Timeout" box defaults to "60" (seconds), but if you are having problems with frequent timeouts, you may want to increase the timeout length.
  9. "Retries" defaults to 2. It is the amount of times the client will automatically attempt to retry connecting to the server should connecting fail. If you wish to enable automatic retries, be sure to check the "Retry On" box.
  10. The "PASV" box is checked by default. This sets the connection mode to "Passive". If you are having problems connecting to the server or staying connected, you can try unchecking this box, which will tell the client to attempt to connect using "Active" mode.
  11. Leave "Use Proxy" unchecked.
  12. In the "Connection" dropdown box, select "AUTH TLS".
  13. Under "SSL Options", check "SSL Listings" and "SSL Transfer". Leave "Clear (CCC)" unchecked.
  14. Check "Windows SSL".
  15. Click "Connect". A box will pop up labeled "Certificate Information". Click "Always Accept".

If you receive a generic "could not connect" error, or in implicit mode see an attempted connection to port 990, you have a configuration error. Please cut and paste the login information from Control Panel to make sure you are supplying the proper credentials.

Looking for added security? SiteLock scans your website to detect hacking, and SiteLock TrueShield provides a Web Application Firewall to block online threats. Protect your site today.