< All Topics

Disabling Anonymous Access to Folders

By default, anonymous access is disabled. It can be permanently disabled at the account level by the account administrator.


  1. As the account administrator go to your Setup tab
  2. Scroll down to the Account-Level Options and locate the Force only secure protocols for all users option
  3. Enable the option by checking Customize and then selecting how you want to enforce the rule: All users in the account and allow separate rules on a group/user level.


This setting disables all “plain FTP” access and anonymous file sharing. Please note however that an end user can still log in anonymously with this setting enabled but will be logged in to a “walled garden” and completely unable to access or see data. This is not a vulnerability but an application design.


Account level anonymous access disabled

The FTP service hosted at “ftp.hostedftp.com” is a multi-tenant service, meaning that it provides secure FTP and SFTP services to multiple customers. The “anonymous FTP access” feature is configured at the infrastructure server level, however, anonymous access is disabled at the root level of our service at “ftp.hostedftp.com”.


Account level configuration option

We include account level enabled anonymous FTP access only as some customers do require this feature. Each user in the customer’s FTP account has the option of enabling or disabling anonymous access on a per folder level. The default setting is to disable anonymous access. For example, if there is an FTP username “test”, and if this user creates a folder called “myfolder” and then enables anonymous access on the shared folder, then this folder can be accessed anonymously at:



Account admin-controlled feature

It is entirely in the power of the FTP account admin and users to share or not share folders, and subsequently, to enable or disable anonymous access on each shared folder (again, default setting is to DISABLE anonymous access).

Table of Contents