-1

I have a IIS installation on Windows Server 2012 R2.

I need to provide FTP access to a website. Its only one person.

The easiest way to make it secure is to make an ip-restriction and only allowing his IP address?

And if I do that, is there anything else I need to do to make it secure, or is it secure with IP restriction?

Thanks Jakob

Rex
  • 7,895
  • 3
  • 29
  • 45
user1741807
  • 5
  • 1
  • 2
    Define secure As in, how secure do you need it to be? FTP username/password (and everything else) are sent in plain text. IP's can be spoofed.. Is it better than nothing, yes. Asking is it secure depends on how secure you need it to be. – Rex Oct 03 '14 at 19:02

1 Answers1

3

FTP is an insecure protocol that sends all information, including credentials, cleartext. IIS 8.5 supports FTPS/FTP over SSL; I would recommend requiring SSL.

Katherine Villyard
  • 18,550
  • 4
  • 37
  • 59