Any chance of adding support for FTPS or FTPeS (FTP over

Any chance of adding support for FTPS or FTPeS (FTP over Explicit TLS) destinations?

Some providers use this for security instead of SFTP.

Thanks,

Mark

  • PC
    • WPMU DEV Initiate

    Hello Mark,

    Greetings and thanks for posting on the forums.

    Any chance of adding support for FTPS or FTPeS (FTP over Explicit TLS) destinations?

    I have moved this thread to "Features and Feedback" section of the forums and have tagged our lead developer on the same so that he can let us know if he has got this on his to do list for future releases.

    If not, other users can also vote on this feature and once we have enough votes, it will automatically come on the to-do list :slight_smile:

    I hope that helps. Please feel free to ask if you have more questions on the same.

    Cheers
    PC

  • Paul
    • The Green Incsub

    @wpcdn, @Brian Bookwalter, @Shawn,

    Trying to look into this. Should be able to find a way to implement this soon with our existing PHP FTP libraries.

    Just checked with my three hosting companies and neither provide FTP-ES connection support. Only SFTP or regular FTP. So any chance I can get access to a know environment which supports this FTP-ES configuration. Just need to be able to connect via Snapshot and upload a file.

  • wpcdn
    • Syntax Hero

    Hi Paul,

    Strange, most FTP servers actually support that kind of connection whether it's required that users utilize it or not. (We require it.)

    My hunch is that if you try those hosts with something like FileZilla, specifying FTP-ES, it would work.

    Or I would be happy to provide access, though I might not have a chance to set it up for you until the evening.

    Thanks,

    Mark

  • Paul
    • The Green Incsub

    Yeah, I used FZ for years. But tried Transmit and decided to put some money down for it. Still use FZ when on Windows.

    Here is a screenshot of the Transmit protocol option. The 1st and 4th items are the existing FTP and sFTP implemented by Snapshot.

    The 2nd and 3rd are where I'm trying to get. As I mentioned I can get the 'FTP with TSL/SSL' working in PHP code when connecting to my new GoDaddy hosting (I feel dirty).

    I'm partly just confused on how PHP implements the differences in the protocols. From what I've found PHP uses the function ftp_connect() for straight FTP connections and the function ftp_ssl_connect() for FTPS. But does not provide a distinction as to how this matches the 'FTP with Implicit SSL' vs 'FTP with TSL/SSL'.

    This Wiki page seem to explain the differences pretty well. Especially about Implicit vs Explicit. http://en.wikipedia.org/wiki/FTPS#Implicit

    I'm just going to modify the existing Snapshot code to implement the ftp_ssl_connect() function and let you test the beta. Should be a few hours.

  • Shawn
    • The Crimson Coder

    FZ has FTP over Implicit SSL and FTP over Explicit SSL. I usually use FTP over Explicit SSL as there's far less chance of interception as even the TLS negotiation can't be intercepted.

    @Paul, if you need a test account configured for either (or any other funky FTP server stuff) just contact me direct (s@12pd.com) and I can provide. I've got a killer FTP server. :slight_smile:

  • Shawn
    • The Crimson Coder

    FTP over Implicit SSL doesn't work though.

    Feature requests:

    1) While you're in here, can you add a file to the automatic folder creation routine? The file "CACHEDIR.TAG" should be included in the local snapshots folder ("/wp-content/uploads/$snapshots/CACHEDIR.TAG" where $snapshots is the Backup Folder) to help automated backup routines under *nix ignore the entire folder. No sense backing up copies of the backups into additional backups. Otherwise I have to manually add the file.

    2) Global *include* files. Almost every site I run includes caching and it would be a PITA to have to backup the caching settings file separately. I do not want to backup the cache, of course, but the caching configuration (which in W3TC is partially stored within the cache folder) would be nice to include. There ought to be a way to provide a relative path to these files so they're included in my backups.

    3) Provide a manual trigger for upload. Make it so I can click a button to force it to upload immediately.

  • Shawn
    • The Crimson Coder

    This is the log from the FTP over Implicit SSL test I did:

    2013-04-29 11:55:59: Sending Archive: snapshot-1367264909-130429-194829-12345678.zip 6M
    2013-04-29 11:55:59: Destination: ftp:  FTPiStest
    2013-04-29 11:57:02: Using FTP with TSL/SSL connection
    2013-04-29 11:57:02: Connecting to host: EXAMPLE.com Port: 9999 Timeout: 90
    2013-04-29 11:57:02: ftp_connect failed.
    2013-04-29 11:57:02: ERROR: Undefined index: _wfsf

    _wfsf may be related to Wordfence.

  • Paul
    • The Green Incsub

    FTP over Implicit SSL doesn't work though.

    Correct. 'Explicit' works which uses the native PHP function ftp_ssl_connection(). But for 'Implicit' there is not a native PHP function so needs to be implemented via Curl. Which at this time will not be done. Sorry.

    1) While you're in here, can you add a file to the automatic folder creation routine?

    Sure. Should be easy enough.

    2) Global *include* files

    Ok. Yeah, I get this request all the time. Will probably work like the global exclude. No promise when it will be implemented.

    3) Provide a manual trigger for upload

    Not really sure I understand this request. Snapshot will only send snapshot archives. There should no be a need to send file manually. Unless I missing something here.

  • Paul
    • The Green Incsub

    @Shawn,

    4) And a way to view the logs without having to dig into the folder via FTP/SSH.
    Again, I might be missing something. On the Snapshot main listing in the far right column is an option to view or download the log for the last transaction of that specific snapshot configuration.

    Also within that column cell you can click the view to access the full list of archives. Also on that page you can view or download the logs.

  • Shawn
    • The Crimson Coder

    @1 (CACHEDIR.TAG) - FANTASTIC! Note: case is important, it MUST be uppercase. This is the one I'm most interested in anyway, since it means my external backups won't get ballooned by snapshots. Switching to W3TC recently for most of my sites already caused a completely unexpected 400gb increase in my backups. I had to tune my backup scripts to exclude that crap pretty quick.

    @2 (global include files) - I completely understand. If/when you get to it I would appreciate it - but I know something like this is a major addition.

    @3 (manually trigger upload) - waiting for the WP Cron system is painful. If I just want to make a manual backup and immediately have it uploaded to my destination - waiting several minutes and then checking for it is time consuming and scary - there's a good chance I'll get distracted with something else and forget.

    I *do* like that the WP Cron system will keep trying again and again until the file gets uploaded. When I switched the FTP server profile from Implicit back to Explicit it uploaded (unexpectedly, I might add) a few minutes later. That was very cool. But if I weren't monitoring my FTP through triggers I probably wouldn't have known it was going to continue trying to upload.

  • Paul
    • The Green Incsub

    @Shawn.

    And understood on #3. This has been a thorn in my side since last summer. Snapshot has this bipolar personality. In that the manual method was first adding in version 1.0. Then we added scheduling in later versions. The scheduling is kicked off by WP Cron. But as you are aware when you run a manual backup the file is not sent. IT relies on a separate WP Cron process to forward the file. I do agree this needs to function more consistent.

  • Shawn
    • The Crimson Coder

    Correct.

    The file only needs to appear once within the structure at the lowest level. This flags the folder as being a cache/tmp directory so it won't be included in backup routines that use tar --exclude*.

    It can be empty, but most people include a textual note of why that directory is being excluded from archives - something like "this directory includes automated backups with the Snapshot plugin which you can get at..."

  • Paul
    • The Green Incsub

    @Shawn,

    @4 - Thanks, Paul! I was looking for them under Settings. I was only scanning the text and assumed that it was the archive I would 'view'/'download'.

    Yeah, that is common. You can download the zip archive using the link for it. There is not a view archive option.

    And congratulations! Looks like you hit 1000 points. New lifetime members. Woot!

  • wpcdn
    • Syntax Hero

    Unfortunately it's not working for me in some scenarios. In one FTPeS test I get this error when testing the connection:

    ==========
    Using FTP with TSL/SSL connection
    Connecting to host: snapshots.wpcdn.com Port: 21 Timeout: 90
    ftp_login failed.ftp_login() [function.ftp-login]: Login authentication failed
    ==========

    However, I can FTP in successfully using the same credentials in FileZilla.

    Thanks,

    Mark

  • Paul
    • The Green Incsub

    @wpcdn,

    Any chance you can provide me a testing FTP account to that same host so I can debug this under my development environment?

    As for not working in Snapshot but working in FZ you have to consider robustness of the FZ implementation vs what is provided in PHP. Two separate libraries.

    Also on your site what is the Passive mode setting. I noticed during my testing I had to set passive mode to on or off (sorry can't remember) in order for things to connect.

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.