Having the right administrator settings at initial startup is important for keeping your Hosted~FTP~ site managed and organized. Hosted~FTP~ recommends checking certain options such as enabling audit logs for optimal “housekeeping” of your FTP site. These settings can be only be accessed by administrators after logging in to the web interface and going to the Setup tab of the admin account.
See below for fields and descriptions for basic setup and recommended settings.
|2-Step Verification||Enable 2-step verification for your administrator account, to enable strict access.|
|Username||We recommend customizing your username to easily ID your administrator instead of using an email address.|
|The email is used for all notification purposes, password resets, and FTP account management. Also, an alternative to the username when logging in.|
|Password||Transitioning from trial to production, consider changing your password for more strict access.|
|Name||The name in this field should describe the overall name of the account i.e. CompanyX’s FTP, CompanyX DepartmentA.
When sharing a folder, the users will see this name in the description.
|Time Zone||Affects the timestamps for all activity in your account, the time zone field also affects your logs when tracking login and file transfer activity|
|Country||Geographic location for the administrator.|
|Language||Preferred language used by the account owner|
|Admin||The drop-down list allows the administrator account to transfer the admin privileges to an existing user that meets all criteria. Notice that files, folders, and permissions are unique to each user and are not transferable.|
|Signature||The personal administrator signature. For the signature on the whole FTP account level, visit the Branding link in the Setup tab.|
|Delete mail after _ days||Significant to the plugin utility and send/receive functions, mail events in the home tab are deleted after your chosen amount of days.|
|Show mail in FTP folder _||Events that have happened in the plugin utility and send/receive functions are saved in this folder; default named: mail.|
|Default FTP folder||Sets the current user’s default folder to land in (for web browser and FTP only)
Note: SFTP requires to set a folder destination in the FTP client/script
|Save import results in FTP folder _||Save import results in a folder; default named: imports.|
|Create logs in FTP folder _||Track your login and transfer activity for all users in your FTP account, logs are created at the end of each day. Recommended to select save formats as excel.
It is recommended to enable this setting to track user activity for each day.
|Notify me when sent files are _||Receive email notifications to your admin email when sent files are successfully sent and/or received.|
|Ask a security question during password reset||When resetting your admin password, you can add an additional security measure by adding a security question. Please note: some browsers will autofill the security question and answer field which needs to be cleared to allow saving.|
|Add an attachment with download instructions when files are shared with me||When files are shared with this user, instructions are also included|
|Use a public key for SFTP authentication||Input a PKI key for additional security when connecting by SFTP.|
|Enforce compliance for all users||Starting at the Enterprise T2 subscription, the account admin can enforce compliance rules for all users (i.e. CJIS, advanced CJIS). This enforces admins and users to have proper setup in their login credentials and account to be compliant for the chosen compliance. This can be enforced on an entire account, group, or individual user level.|
|Enforce password policy for all users||Starting at the Enterprise subscription, the account admin can enforce a password policy for all users. This enforces admins and users to follow the chosen password guidelines when setting or resetting a password. This can be enforced on an entire account, group, or individual user level.
It is recommended to enable a password policy to prevent users from using vulnerable passwords.
|Force only secure protocols for all users (ftps/https/sftp)||The account admin can restrict all users to connect using only secure protocols: HTTPS (web portal), FTPeS, and SFTP. This can be enforced on an entire account, group, or individual user level.
It is recommended to force only secure protocols for all users to maintain 256-bit encryption in transit, upon arrival, and at rest.
|Apply IP whitelist for all users||Starting at the Enterprise subscription, the account admin can restrict users to connect to the server only from whitelisted IP addresses (or a range of IP addresses). This can be enforced on an entire account, group, or individual user level.|
|Web (https) logins for all users||The account admin can disable or enable users ability to login to the Hosted~FTP~ web portal by selecting “None” for no access, and “Password” to allow access. This can be done on an entire account, group, or individual user level.|
|Non-web (ftp/ftps/sftp) logins for all users||The account admin can disable or enable users ability to connect to Hosted~FTP~ via 3rd party application, script, FTP client, etc. Selecting “None” will disable password logins via non-web, and selecting “Password” will enable password logins via non-web.
Note: SFTP protocol can still connect using SSH key pairs.
|Authenticate passwords for all users with [Hosted~FTP~]||Default setting that cannot be changed. Passwords are authenticated using Hosted~FTP~’s system.|