Change Filezilla FTP Server Remote Administration Password
When the FileZilla FTP Server is first installed with XAMPP, there is no default password for accessing the FTP Server Administration. To make the server more secure, it is a good idea to create a password for accessing it.
The FTP Server allows remote administration. To accomplish this, it runs an administration server (in addition to the FTP server). By default, this server binds to “localhost” (127.0.0.1) only, and it uses port 14147. It is a good thing that the default binding is only to localhost, this gives you initial security such that it is impossible to access the server remotely. By default, the password to access the administration is blank. However, if other people are accessing your computer directly, or if you want to utilize remote administration, it is a good idea to change this password.
In order to change this password, you need to do the following:
- Access the server from your local machine (same machine running the server). The password can only be changed from the local machine, so you can’t use a remote machine for this.
- Execute “FileZilla Server Interface.exe” from your FileZilla directory. If you are running XAMPP, an alternative for accessing the server is to press the “Admin” button for FileZilla on the XAMPP control panel.
- A dialog box pops up titled “Connect to Server?”. Use the following values and press “OK”:
- Server Address = 127.0.0.1
- Port = 14147 (or if you have configured a different port, use that)
- Administration Password = (use an empty box for your first access, otherwise use the password that you previously assigned)
- Make sure you have really connected. You should see “Logged on” in the FileZilla server window if you really logged on. If you didn’t log on, it will keep trying. If you have not successfully logged on, fix it before moving on to the next step.
- Change the password using the menus:
- Click Edit->Settings
- In the left panel, select “Admin Interface Settings”
- Check the box labeled “Change admin password:”
- Enter in the new password in the “New:” and “Retype new:” edit boxes.
- Click OK
- In the log window, you should see:
Sending settings, please wait... Done sending settings.
- Close the server administartion program.
- (Optional)Start and restart the server. I’m not sure if it is necessary, but it doesn’t hurt.
- Test that you can access the server with your new password.
If you desire remote access to the FTP server administration, you can set that up (future article coming). Only setup remote access if you really need to, as it gives you a little less security.
If you are here as part of the XAMPP security tutorial, the next step is to go back and continue to remove default usernames and passwords.