My company, as a matter of policy, closes the ftp ports of the servers in the DMZ.
However, I am not convinced that this is necessary, given the advent of very secure
ftp servers. I would appreciate any comments on the security of an open ftp port. To
relate this to php, I am ready to give up trying to make my
system("scp ......");
code work, because I will have to give the apache user more permissions than I am
comfortable with. So, I am thinking fo using php's ftp commands instead. I see nowhere
in the documentation however, if the ftp_connect can be done via the ssh transport
mechanism. Or, is this unnecessary, and can I use ftp (with plain text user and
password passed to ftp_login()) on port 21 without worrying about getting hacked?
muchas gracias
Rich
