What is FTP?

File Transfer Protocol (FTP) is THE most battle-tested protocol for managing files over a network. Simply put, FTP is used for downloading and uploading files, managing folders, and executing all the file management operations you might want to do but across a network.

Table of contents

  1. FTP Fundamentals
  2. The use cases of FTP
  3. How to access your FTP server
  4. The different types of clients
  5. How FTP works
  6. FAQs
  7. Technical Resources
  8. Recent Videos

FTP Fundamentals

FTP is built on the client-server model architecture. To use it you need 2 main components:

The Use cases of FTP

Website administrator: The most common use case for FTP is to manage a site made with something like wordpress, joomla, Drupal, ... Using FTP, administrators can upload new files and content to their servers, update web pages and scripts, manage media files, back up their website data, ...

Software distribution: Historically most softwares in the linux world were publish through mirrors on FTP servers. For example: ftp.debian.org, ftp.gnu.org, ftp.slackware.com.

Network Storage: Many enterprises do use FTP to provide network storage solutions and be able to share data both internally and externally. There is literally millions of those on the internet.

The different type of FTP clients

Assuming you have an FTP server somewhere you know either its IP address or have a domain name, you can access such server through a tool called an FTP client. Depending on what you are trying to do, you will find different types of clients:

screenshot of Filestash when uploading

The role of those clients is to talk to your server using the FTP protocol and perform the action you want to do on that server. For example, if you are hosting WordPress and want to change your theme, you will be able to use that client to update some data on your server.

How to access an FTP server?

For the sake of this guide, we will be connecting to the gnu ftp server available from: ftp://ftp.gnu.org. To make things really simple we will be connecting to it via a web client:

screenshot of the content in ftp://ftp.gnu.org

How FTP works?

FTP is a standard that has evolved over time to take advantage of technological advances we’ve had over the last 50 years. In its currently used format, the protocol is an entirely TCP based service without any UDP components. What makes FTP different is how it uses 2 connections, a first one for the control exchange which runs typically on port 21 and another one for data exchange which is typically using port 20 and random port > 1024.

The model of FTP as described in RFC959:

                                            ||   User  ||    --------
                                            ||Interface|<--->| User |
                                            |\----^----/|    --------
                  ----------                |     |     |
                  |/------\|  FTP Commands  |/----V----\|
                  ||Server|<---------------->|   User  ||
                  ||  PI  ||   FTP Replies  ||    PI   ||
                  |\--^---/|                |\----^----/|
                  |   |    |                |     |     |
      --------    |/--V---\|      Data      |/----V----\|    --------
      | File |<--->|Server|<---------------->|  User   |<--->| File |
      |System|    || DTP  ||   Connection   ||   DTP   ||    |System|
      --------    |\------/|                |\---------/|    --------
                  ----------                -------------

                  Server-FTP                   USER-FTP

- PI: "protocol interpreter"
- DTP: "data transfer process"

If you want to know all the intricacies of FTP, its mode and commands, a good starting point is RFC959. If you feel like a historian, you might want to read the very first RFC114 and if that's still not enough you want to dig through RFC 697, RFC 765, RFC 1579, RFC 1635, RFC 1639, RFC 1738, RFC 2228, RFC 2389, RFC 2428, RFC 2577, RFC 2640, RFC 3659, RFC 5797, RFC 7151.


What FTP stands for?
"File Transfer Protocol".

Is FTP secure?
FTP is as secure as HTTP. In practice most people referring to FTP would have their server setup to accept FTPS connections and FTPS is as secure as HTTPS.

Who invented FTP?
FTP was invented by Abhay Bhushan while he was a student at MIT. Fun fact, he also work on the early version of emails.

When was FTP invented?
The original spec of FTP was published the 16 April 1971.

What are the 3 most common FTP servers?
According to shodan, the most popular FTP server is PureFTPd with 26% market share, followed by Bftpd and Microsoft FTPD.

Is SFTP the same as FTPS?
No! FTPS and SFTP both enable secure file exchange over a network but the way they work under the hood are completely different in the same way apples and oranges taste vastly different despite both being fruits.

What is anonymous FTP?
The anonymous user is a special account enabled on certain FTP servers, allowing individuals to browse and download resources without the capability to modify the server's content.

FTP has the reputation to be tricky to deploy, why is that?
Contrary to some other file transfer protocols (like SFTP or WebDAV), FTP can't work using a single port but need a range of opened port, making the configuration of firewalls potentially challenging depending on your environment.

Technical Resources

FTP Client

An online web client for FTP you can use from your browser Use the FTP Client

FTP Test tool

A Test tool to see all the information your FTP server is exposing Explore the tool

Setup a FTP server

Deploy proftpd, the most popular FTP server Deploy proftpd

FTP from the CLI

Master the FTP client from your command line using the ftp command Explore the FTP CLI

FTP via curl

curl can be used as a FTP client, learn how to use it from your terminal. Explore FTP via curl

The simplest FTP server

Python has this great library you can use to create a FTP server as a one liner using pyftplib. Deploy pyftplib

Recent Videos

Online Tools:

WebDAV Client S3 Browser FTP Client SFTP Client SMB Client