I wanted to increase security of the Microsoft IIS FTP service of my web server so I thought I restricted access to it to my IP. But since my IP is a dynamic IP I had to setup a dynamic domain service. With this I had to enable domain lookup on the IP filtering of the FTP service. The problem with this solution was that every time I accessed the server, the MSFTP service simple crashed and stopped. Searching the internet for a solution was not successful. So headed into another direction: SSL and certificates. I don’t really know if this is better than IP restriction (and I suspect it is an open ended discussion) but it would allow me to access the FTP on the road, where it would be an internet access different from the one where the dynamic domain service is configured.
So here is the task list:
- Securing the FTP server with SSL
- Use a client certificate to authenticate the user.
Read the full article.