deutsch Server 1 deutsch Server 2 englisch französisch italienisch spanisch turkisch
 
Projects
DSL Forum
Finanz Forum
 
DSL Verfügbarkeit
Information about data security

We think about your security

In order to be able to log in on your ftp server, web2ftp must know your ftp password. This password is transferred from your browser to web2ftp and from there to your ftp server. An encrypted transmission of your server data to web2ftp (and the server reply back to you) is possible with the SSL Login. This is no different from any other FTP client and is thereby no characteristic of web2ftp..

For technical reasons web2ftp needs your ftp password with each ftp command you execute, therefore web2ftp stores your password for the duration of the session locally. This has the advantage that your password does not need to be sent continuously between your browser and web2ftp. The password is stored in a file inaccessible to the public, and totally unrelated to your username. Additionally the password is encrypted by DES with a public and private key. If someone gets access to this file (which is nearly impossible) and decodes the password, your password is nevertheless worthless to him. The connection between password and user name is made by a session ID, which is put in hidden HTML fields together with the server data. The stored password can be only used, if both the randomly produced session ID and the user name are known. This information is only known by you!

The password file is deleted together with the session ID when you press the Logout Button. This guarantees that the browser's or any proxy's cached copies of the HTML pages cannot be used any longer. If you forget to logout your password file is deleted automatically after 60 minutes of inactivity! Files downloaded by the ftp server are transferred automatically by web2ftp to your computer. Only you have access to these files as there is an htaccess file that limits the access to your IP address. If another internet user should know the name and the directory of the downloaded file (which is highly improbable), the download attempt would fail as their IP would get rejected

Of course we do not store any personal data. Activity-related data is stored only for statistics purposes and deleted after the regular evaluation. Of course we will keep this data secret. Again it is pointed out that all passwords are deleted after their use! With web2ftp it is neither necessary nor possible to register and store personal data. Therefore abuse of such data is generally impossible!

If you should have further questions or doubts concerning the security of your data, please mail to to info@web2ftp.com