Change Filezilla FTP Server Remote Administration Password

Rob August 11th, 2007

This article is part of a series of articles about making XAMPP more secure. See the overview page for all the security measures.

When the FileZilla FTP Server is first installed with XAMPP, there is no default password for accessing the FTP Server Administration. To make the server more secure, it is a good idea to create a password for accessing it.

The FTP Server allows remote administration. To accomplish this, it runs an administration server (in addition to the FTP server). By default, this server binds to “localhost” (127.0.0.1) only, and it uses port 14147. It is a good thing that the default binding is only to localhost, this gives you initial security such that it is impossible to access the server remotely. By default, the password to access the administration is blank. However, if other people are accessing your computer directly, or if you want to utilize remote administration, it is a good idea to change this password.

In order to change this password, you need to do the following:

  1. Access the server from your local machine (same machine running the server). The password can only be changed from the local machine, so you can’t use a remote machine for this.
    1. Execute “FileZilla Server Interface.exe” from your FileZilla directory. If you are running XAMPP, an alternative for accessing the server is to press the “Admin” button for FileZilla on the XAMPP control panel.
    2. A dialog box pops up titled “Connect to Server?”. Use the following values and press “OK”:
      1. Server Address = 127.0.0.1
      2. Port = 14147 (or if you have configured a different port, use that)
      3. Administration Password = (use an empty box for your first access, otherwise use the password that you previously assigned)
  2. Make sure you have really connected. You should see “Logged on” in the FileZilla server window if you really logged on. If you didn’t log on, it will keep trying. If you have not successfully logged on, fix it before moving on to the next step.
  3. Change the password using the menus:
    1. Click Edit->Settings
    2. In the left panel, select “Admin Interface Settings”
    3. Check the box labeled “Change admin password:”
    4. Enter in the new password in the “New:” and “Retype new:” edit boxes.
    5. Click OK
    6. In the log window, you should see:
      Sending settings, please wait...
Done sending settings.
  4. Close the server administartion program.
  5. (Optional)Start and restart the server. I’m not sure if it is necessary, but it doesn’t hurt.
  6. Test that you can access the server with your new password.

Next Step

If you desire remote access to the FTP server administration, you can set that up (future article coming). Only setup remote access if you really need to, as it gives you a little less security.

If you are here as part of the XAMPP security tutorial, the next step is to go back and continue to remove default usernames and passwords.

No Comments »

No comments yet.

RSS feed for comments on this post. TrackBack URI

Leave a comment

If you want to leave a feedback to this post or to some other user´s comment, simply fill out the form below.

(required)

(required)



July 2009
M T W T F S S
« Aug    
 12345
6789101112
13141516171819
20212223242526
2728293031  

Valid XHTML