Almost every server in existence needs a user to access its contents. However, almost nobody has the ability to browser a server as you would a desktop computer. The typical way to access a server is to use a network protocol; in most cases, you’ll want to use Secure File Transfer Protocol (SFTP).
This does what it says on the tin: It lets you transfer (or otherwise work with) files in a secure way over a reliable data connection. You’ll access a server using a dedicated client, and work with the files like you would on a local computer. In fact, you can edit and organize those files further, using apps and other software.
Over the course of this post, we’re going to discuss the concept of SFTP. We’ll also tell you how it differs from other protocols, such as Secure Shell (SSH) access, and the standard, unsecured File Transfer Protocol (FTP).
Because you’ll find web servers across the world, it’s important to have a reliable and consistent way to access them. Of course, you can’t log onto a web server in the way you would a desktop machine; your chosen server is likely too far away, and will often contain lots of data relating to other users.
As such, you’ll want to use a method that lets you access the files and folders that relate to your site. It should also encrypt the connection in the case of malicious intent. SFTP is the network protocol that allows for this.
The broad generalization is to use SFTP for transferring files and folders. This is true, although some of the use cases can cover lots of ground. For example, you can use SFTP to migrate a site, or even back it up. There are even some WordPress-related tasks that will need you to access your server as a ‘finishing point’. Our post on duplicating a page in WordPress discusses how to work with your functions.php file, for which you’ll need SFTP.
Speaking of which, you’ll want to gain access to your server in the case of an error or glitch with your site. This is especially true if you can’t access the WordPress dashboard, as is the case such as the 500 Internal Server error.
As such, you can carry out a wider range of actions on files and folders with SFTP, unlike some other connection protocols. In fact, this is one of the reasons you’ll want to use it. Let’s look at this in more detail next.
Some of the reasons you’d want to use SFTP will be obvious, while others will reveal themselves as you use it. Regardless, there are a number of points we can make about using SFTP over other protocols:
This brings up a question: Given that other protocols exist, why would we recommend SFTP over the rest? We’ll answer this next.
Of course, this article discusses and focuses on SFTP. However, other protocols do exist to connect to servers. In most cases, you’ll come across the following:
Although we’ve used “Secure File Transfer Protocol” as a naming convention here, you can also use “SSH File Transfer Protocol”. This is because SSH is the encryption wrapper around the transfer protocol. While it’s not correct to say that SFTP is FTP with SSH, for an end user it does ‘feel’ like that.
Also, SSH is able to exists without any transfer protocols. You’ll often use SSH on the command line, using a bunch of commands to log in and carry out the work you need.
For reasons of flexibility, security, and ease of use, SFTP will be your go-to method of logging into your server. However, you’ll need some tools, apps, and skills in place in order to use it. Next, we’ll uncover the key requirement.
While it’s not the only thing you need, a dedicated SFTP client is central to the process. This is where you’ll enter your credentials, work with the data on your local computer and server, and much more. Because of this, your choice of client is important.
There are a few items on the list of requirements. Here are the essentials:
On the whole, an SFTP client is a simple app, and if all you need is to gain access to your server, there won’t be too much deliberation on your end. In fact, while there are lots of options to choose from, there are really only three apps we recommend. We’ll look at them in turn, starting with the most popular one.
For many users, FileZilla is the quintessential go-to SFTP client on the market. You’ll find that many articles on the web discuss FileZilla as though it’s the only option available. Indeed, the WordPress.org support pages offer detailed tutorials on using FileZilla, and neglect other SFTP clients.
This is for many reasons, but a primary one is because it’s super simple to use. You only need one window to achieve everything you need. We’ll have more to say on how to get around a client later on, but as long as you know your computer’s files are on the left, and the server is on the right, you’ll be good to go.
What’s more, FileZilla is free to download and use for macOS, Windows, and Linux machines.
Fewer users know about Cyberduck, but that’s to their detriment. It’s a stellar SFTP client that takes a different approach to FileZilla.
While the client uses one window too, it doesn’t segment into different windows. The interface is cleaner, and won’t show the login fields, transfer activity, or your own directories by default. Instead, you see your server’s contents, and a few administrative icons.
Even so, the usability is just as good as FileZilla, and we’d suggest it’s arguably better than the other solutions on the marker – especially as it’s also open-source and free. Cyberduck can connect to a multitude of storage options, and you can even pay to mount your server within the macOS Finder or Windows File Explorer.
Also, there’s the option to donate if you’re a regular user, and we think this is a fantastic business model – you can support development with a $10 flat free at minimum.
If you’d like to use a premium SFTP client, Transmit is a brilliant solution. The developers of the Nova code editor also pour their expertise into this client.
Transmit is a sort of mix between FileZilla and Cyberduck. You’ll use one window to access everything you need, with your local machine on the left, and the server on the right. It has the same huge number of storage connection profiles to choose from, and looks like a native app too.
Much like FileZilla, there’s good usability, with everything you need visible from the one window. In contrast, Cyberduck can sometimes leave you to search for an option or window.
While there’s a 7-day trial version available, there is no free version of Transmit, and you’ll expect to pay $45 per ‘seat’ for a license. This is a one-off payment too, which means Transmit is a cost-effective option.
Once you have an SFTP client installed and running, you’ll want to use it! There are three steps, and we’ll recap them below:
It’s a simple, three-step process, which needs your credentials first and foremost.
This step can be confusing at times, although it doesn’t have to be. Your SFTP credentials will be different than those you use to log into WordPress and your hosting control panel. However, you’ll find them in the latter.
In this example, we’ll use DreamHost, but you may need to either extrapolate from our instructions or hunt for a similar option. To start, log into your host, and look to where your list of sites resides. For DreamHost, this is the Websites screen. In others, it may have a different name.
From here, look for the information relating to your SFTP users. DreamHost makes this clear:
In some cases, you’ll want to navigate to your site’s settings to find the credential screen:
Regardless of how you get there, this screen should show the SFTP credentials for your site. It will show the host, username, password, and port:
Note all of these down (or leave the screen open), while you head to your SFTP client.
Within your SFTP client, look for the login fields. With FileZilla this is simple – they’re at the top of the screen:
It’s a similar situation with Transmit: The login fields are in the right-hand window:
For Cyberduck, you’ll need to click the Open Connection button at the top of the screen:
This will bring up a dialog box that should be familiar to navigate. First, choose the SFTP option from the drop-down…
…then enter in the rest of the details into the dialog box:
Once you click the Connect button (or equivalent) you will need to wait for a few seconds, until you see your server’s files on screen. From here, you can work with them.
This step should be the most straightforward of the three. Using an SFTP client to manage your server’s files is as simple as using your computer. In most cases, you’ll drag files onto your server’s directory structure. For FileZilla, this is from the left-hand to the right-hand screens. Folder structures show at the top-left and top-right, file structures of those folders show underneath:
For Cyberduck, you’ll drag local files from your OS Finder or File Explorer onto the client. From here, you’ll find all of the various actions within localized right-click menus. For example, you can download files, create new ones, and edit them:
Note that one big difference between FileZilla and Cyberduck is how you access elements such as file permissions. With FileZilla, there’s an explicit option:
For Cyberduck, you’ll want to go through the Info screen:
On the whole, using SFTP is simple to execute, and isn’t as daunting or scary as some make out. Of course, you do need to exercise caution, and make sure you close your connection when you finish. After all, you are working with your site’s files in a direct way. However, the more you use SFTP, the better and more comfortable you’ll become.
For a site owner, accessing your site’s files and folders could be a daily task. As such, you’ll want to make sure your workflow is straightforward and simple to execute. SFTP is the way to get at your server’s contents, and the good news is that most of your options for using it are fantastic and friendly to work with.
If you know how to log into a website, you can use SFTP. Choosing a suitable client is simple – FileZilla and Cyberduck are open-source and free, while Transmit is an excellent premium solution. Working with the files will be as simple as using your computer. What’s more, you can leverage SSH to make sure malicious users don’t get at your sensitive data.
Do you use something other than SFTP to access your server, and if so, what is it? Let us know in the comments section below!
On the fence about using Divi AI to improve your workflows when building websites with…
Kinsta is a recognizable brand in the WordPress hosting space. The main thing that sets…
Searching for the best WordPress maintenance service to get a little helping hand with your…
Do you really need managed WordPress hosting? Let's face it: Running a WordPress blog or…
WP Engine is one of the very first companies to start offering tailor-made hosting for…
Cloudways is a very original type of a web hosting company when compared to other…