10-24-2008, 05:56 PM
BCSE
 

X-Guru
  
Join Date: Apr 2003
Location: Ohio - bcsengineering.com
Posts: 3,091
 

Re: Warning: Iframe based attacks using stolen FTP access info

Quote:
Originally Posted by somekindahate
Not to be rude as I'm sorry that some people had their X-Cart sites compromised, but I'm somewhat shocked by how many people are using FTP to access their servers in this thread. Is there any reason why you guys are not using SFTP? Most control panels support SFTP and I wouldn't host with a provider who doesn't allow SFTP access. With FTP everything is transferred in plain-text including your password, which is not that great of an idea when running an e-commerce store.

Steven F, one of the co-founders of Panic who make Transmit (FTP/SFTP client for Mac) summed it up well in this blog post:

http://stevenf.com/archive/dont-use-ftp.php

I don't want to be seen as pouring salt into wounds, but I figured this would be a relevant place to bring up this issue.


One of the reasons we do not allow FTP or any kind of non-secure connection to our servers (including email connections).

Certainly doesn't guarantee you security, but at least the traffic on your server can't be "watched" so that someone can get the login info.


Carrie
__________________
Custom Development, Custom Coding and Pre-built modules for X-cart since 2002!

We support X-cart versions 3.x through 5.x!

Home of the famous Authorize.net DPM & CIM Modules, Reward Points Module, Point of Sale module, Speed Booster modules and more!


Over 200 X-cart Mods available & Thousands of Customizations Since 2002 - bcsengineering.com

Please E-Mail us for questions/support!