How to set up CoreFTP to use FTP over SSL

Windows 2008/IIS 7 and Windows 2012/IIS 8 allow a secure FTP connection via FTP over SSL. Note that this is not the same as SFTP (FTP via SSH), so you may have to experiment a bit with your FTP client settings to get a secure connection. Our tests were successful with the following:
  1. In the top left hand corner of the window (click "File > Connect").
  2. In the "Site Manager" window, click the "New Site" button.
  3. In the "Site Name" box, enter your domain name.
  4. In the "Host/IP/URL" box, enter your domain name or your secondary FTP address. Your secondary FTP address can be found in the Site Manager. (Log in to the Control Panel and click the "Sites" tab, then click the "Manage" link next to the domain you're trying to connect to. Your secondary FTP address is in the left hand side box labeled "Site Info".)
  5. In the "Username" box, enter your FTP username. If you are using the primary user, your FTP username can be found in the Site Manager directly under your secondary FTP address.
  6. In the "Password" box, enter the password for the FTP user. If you are using the primary user, the password is the same as your site password.
  7. In the "Port" box, make sure it is set to "21".
  8. The number in the "Timeout" box defaults to "60" (seconds), but if you are having problems with frequent timeouts, you may want to increase the timeout length.
  9. "Retries" defaults to 2. It is the amount of times the client will automatically attempt to retry connecting to the server should connecting fail. If you wish to enable automatic retries, be sure to check the "Retry On" box.
  10. The "PASV" box is checked by default. This sets the connection mode to "Passive". If you are having problems connecting to the server or staying connected, you can try unchecking this box, which will tell the client to attempt to connect using "Active" mode.
  11. Leave "Use Proxy" unchecked.
  12. In the "Connection" dropdown box, select "AUTH SSL".
  13. Under "SSL Options", check "SSL Listings" and "SSL Transfer". Leave "Clear (CCC)" unchecked.
  14. Check "Windows SSL".
  15. Click "Connect". A box will pop up labeled "Certificate Information". Click "Always Accept".

If you receive a "could not connect" error, or in implicit mode see an attempted connection to port 990, you have a configuration error. Please cut and paste the login information from the Site Manager to make sure you are supplying the proper credentials.

There's no such thing as too much security. SiteLock scans your website to detect hacking, and SiteLock TrueShield has a Web Application Firewall to block online threats. Protect your site today.