• Tuesday, December 2, 2025

File Transfer Protocol (FTP) accounts are essential for managing website files on your server. They provide a secure and efficient way to upload, download, and modify files, making them indispensable for web development and maintenance. This guide will walk you through the process of managing FTP accounts within the Plesk control panel, covering everything from initial access to creating, editing, and deleting accounts, along with valuable tips for maintaining security.

By following these detailed steps, you can ensure organized and secure access to your server files, enabling efficient website administration.

Accessing FTP Management in Plesk

To begin managing your FTP accounts, you first need to navigate to the relevant section within your Plesk control panel. Follow these steps:

  1. Log in to your Plesk control panel using your credentials.
  2. Once logged in, locate and navigate to the “Websites & Domains” section, which is typically found on the main dashboard.
    Plesk Websites & Domains section
  3. Within the "Websites & Domains" interface, select the specific domain for which you intend to manage FTP accounts. Then, click on the “FTP” option, usually located among the domain management tools.
    Plesk FTP option

Creating New FTP Accounts

Setting up new FTP accounts is a straightforward process in Plesk, allowing you to grant specific access to users or applications. Here’s how to create a new FTP account:

  1. In the “FTP Accounts” section, you will find an option labeled “Add an FTP Account.” Click on this to initiate the creation process.
    Add an FTP Account button
  2. A form will appear requiring you to fill in the following details:
    1. FTP account name: Choose a unique and descriptive username for this new account. This will be used for logging in via an FTP client.
    2. Home directory: Specify the directory that this FTP user will have access to. By default, it might be the root of your domain, but it's often recommended to restrict access to a specific subfolder for enhanced security.
    3. Password: Create a strong, complex password for the account. A robust password includes a mix of uppercase and lowercase letters, numbers, and symbols to maximize security.
  3. After entering all the necessary information, click “OK” or “Save” to finalize the creation of the FTP account.
    Plesk password input and OK button

Modifying Existing FTP Account Details

From time to time, you may need to update the details of an existing FTP account, such as changing its password or adjusting its home directory. Plesk makes this process simple:

  1. Within the “FTP Access” section, locate the specific FTP account you wish to modify from the list of existing accounts.
  2. Click directly on the name of the account you want to edit. This action will open the account’s settings page.
    Plesk FTP account list with selected account
  3. On the settings page, you can update various details, including changing the password to a new, strong one or reconfiguring the home directory to grant or restrict access to different folders.
  4. Once all desired changes have been made, click the “Save” button to apply your updates.
    Plesk Save button

Deleting FTP Accounts

When an FTP account is no longer needed, it’s crucial to remove it to prevent unauthorized access and maintain security. Follow these steps to delete an FTP account in Plesk:

  1. In the “FTP Access” section, review the list of accounts and identify the one you intend to remove.
  2. Select the checkbox next to the account(s) you wish to delete, then click on the “Remove” option. This action is usually represented by a trash can icon or a clearly labeled button.
    Plesk remove FTP account button
  3. A confirmation prompt will appear to ensure you genuinely want to delete the account. Confirm the action to permanently remove the FTP account from your server.
    Plesk remove FTP account confirmation

Best Practices for Secure FTP Account Management

Effective FTP account management goes beyond just creating and deleting. Adhering to best practices is vital for maintaining the security and integrity of your server files:

  • Utilize Strong, Unique Passwords: Always ensure that FTP account passwords are robust, combining uppercase and lowercase letters, numbers, and special characters. Avoid reusing passwords across different accounts.
  • Implement Least Privilege Principle: Configure home directories to grant users access only to the specific folders they need to perform their tasks. This limits potential damage in case an account is compromised. For example, a developer might only need access to a specific project folder, not the entire public_html directory.
  • Regularly Monitor Activity Logs: Periodically check FTP logs to identify any unusual or suspicious activity. This proactive monitoring can help detect and respond to unauthorized access attempts promptly.
  • Review and Audit Accounts: Conduct regular audits of all active FTP accounts. Delete any accounts that are no longer in use, and review permissions for existing accounts to ensure they are still appropriate.
  • Consider SFTP/FTPS: Where possible, prioritize using SFTP (SSH File Transfer Protocol) or FTPS (FTP Secure) over standard FTP. These protocols encrypt data during transfer, providing a much higher level of security against eavesdropping and data interception.

By diligently following these guidelines and leveraging the tools within Plesk, you can proficiently manage your FTP accounts, ensuring both the security and efficient organization of your server files. Should you require further assistance or encounter complex issues, do not hesitate to reach out to your hosting provider’s technical support team for expert guidance.

Back