SFTP
ProtocolsSFTP is a secure file transfer protocol that runs over SSH to move files between a client and a server with encryption and strong authentication. It is commonly used to upload website files, download backups, and manage server directories without exposing passwords or data in transit. SFTP typically uses port 22 and supports key-based access and granular permissions.
How It Works
SFTP (SSH File Transfer Protocol) is a subsystem of SSH, meaning it uses the same encrypted tunnel and authentication methods as an SSH login. When you connect with an SFTP client, the server and client negotiate encryption, verify identity (password or SSH key), and then exchange file operations such as upload, download, rename, delete, and permission changes. Unlike older file transfer methods, SFTP protects both credentials and file contents from interception.
From a hosting perspective, SFTP access is usually tied to a specific system user or control panel account. That user is mapped to a home directory (often your site root or a parent folder), and server-side permissions determine what can be read or written. Many hosts allow creating multiple SFTP users so you can give developers or automation tools limited access. SSH keys are widely supported for stronger security and for unattended transfers in scripts and CI/CD pipelines.
Why It Matters for Web Hosting
SFTP is a key feature to compare when choosing hosting because it affects both security and workflow. Plans that support SFTP (and ideally SSH keys, multiple users, and chroot or directory restrictions) make it safer to deploy code, move media, and restore backups. If a host only offers unencrypted FTP or limits SFTP to certain plans, you may face higher risk and less flexibility for development and maintenance.
Common Use Cases
- Uploading and updating website files (themes, plugins, static assets)
- Downloading site backups, logs, or exported databases for troubleshooting
- Managing file permissions and directory structure on a server
- Automating deployments and file sync via scripts using SSH keys
- Providing controlled access to contractors with separate SFTP accounts
- Migrating content between servers when control panel tools are not available
SFTP vs FTPS
SFTP and FTPS both encrypt file transfers, but they are different protocols. SFTP runs over SSH (typically a single port, 22) and is often simpler to use through firewalls and NAT. FTPS is FTP over TLS/SSL and may use multiple ports depending on active or passive mode, which can complicate network configuration. In hosting, SFTP is commonly preferred when SSH access and key-based authentication are important, while FTPS may be offered for compatibility with legacy FTP workflows.