All sysadmins, PLEASE! For the love of God just block port 21 in any direction from anywhere, going anywhere.. FTP needs to die.. The f**king protocol predates tcp/ip for God's sake! We need to stop project managers using it, it's a nightmare!!

Comments
  • 1
    Couldn't disagree more. FTP is perfect for its intended purpose - transferring files!! Would you rather use cloud sharing services for this sort of thing?
  • 2
    @samk FTP is not secure so if you want to deeply use Git or rsync over SSH and if you are talking about public files you can use HTTP. Happiness.
  • 0
    Agreed, we have secure transfer these days.. We also have protocols that don't rely on backtunnels / terrible port commands. If you want to live in the days of VMS transferring your public keys, sensitive data and passwords across the Internet in plain text.. Or relying on broken ssl encryption (yes, vsftpd isn't linked to openssl and is still vulnerable) be my guest.

    We shall see you in the 21st century.. I'll be the one waving at you whilst you're outside the job center.

    ;-)
  • 0
    F-T-P-S
  • 0
    @RosaCtrl I've maybe made my point a little too succinctly. Yes, I am aware of the limitations and risks of standard FTP. You obviously need to exercise some sense when using it (not for sensitive data or business critical information). But it has a valid role and the private web hosting world is still totally based on it. Blanket blocking port 21 (et al) is an inappropriate sledgehammer, IMHO.
  • 0
    Ah I think I was a little vicious in defending my rant too.. Lol, sorry about that. As a sysadmin, I find ftp is a nightmare to deal with at the firewall level (a bit like my personal hatred for rtp too.. But that's another story). I still can't understand why such a difficult protocol is still in use these days just because someone shoehorned in ssl.. It's a nightmare to proxy, a nightmare to load balance.. Especially with sftp, scp, rsync over ssh et al..

    It also gives PMs the ability to mess with things they really shouldn't do ;-)
  • 0
    (which, I'll have to admit, was the cause of my rant in the first place lol)
  • 1
    @samk I still agree with @asphytotalxtc: you have (better) alternatives. The fact that it is still used doesn't erase the fact that you can replace it with better options. Maybe I'm biased: in the few (really few) machines that I admin there's no FTP 😁
  • 1
    @asphytotalxtc No apologies necessary!! 😜 All good fun.

    I admit to having no real concept of the architecture and overheads of FTP. But there are just occasions throughout my career when it has been the most appropriate choice available to me.

    But your experiences suggest your rant is fully justified!! 👍🏻