How to Configure the Administration Interface Server

Administration

Administration allows you to configure the Administration interface server.

The Administration interface contains two tabs: the Connection tab, where you can add or remove the IP addresses and ports it will listen on; and the Connection security tab, where you can set up the TLS minimum allowed version and certificate.

Setting Up Listeners

FileZilla Server listens to connections from the Administration interface on the port displayed in the Local listening port field at the top of the Connection tab. You can modify the port number. If you do remember to update accordingly the Port number in the connection dialog when you start the Administration Interface.

Using the Password field you can set an administration password. Passwords must meet the following security criteria:

  • A minimum length of 12 characters.
  • At least one numeral (0-9).
  • At least one special character (e.g., !, @, #, $).
  • At least one uppercase letter (A-Z).
  • At least one lowercase letter (a-z).

If you don’t set the administration password, for security reasons FileZilla Server listens onl on Local listening port. If you set a password, you can set FileZilla Server to listen on different addresses.

If you want FileZilla Server to listen to a new address, click on the Add button on the right. A new row will be added to the table, you need to enter the IP address in the first column and the port in the second column.

Selecting one or more rows in the table and clicking the Remove button on the right will delete those rows.

Setting Up Connection Security

The Connection security allows you to set the required minimum TLS version and to install a new X.509 certificate. To set up Connection Security, go to Administration › Connection Security tab.
FileZilla Server at installation time generates a self-signed certificate for immediate use or testing. The details pertaining to the existing certificate are presented at the bottom of the Connection Security tab.

You can install a new certificate or reissue an existing one at any time. We offer these methods:

  • Provide a certificate: Upload a certificate you already have, or enter it directly. You can also use a
    certificate already on the server.
  • Generate a self-signed certificate: This is a quick option, but be aware that self-signed certificates are
    not trusted by default.

Note: We’ve made some improvements to how you manage certificates in our latest update. Previously, the options were listed separately. Now you can choose to either upload, enter, or use a certificate already on the server, all under the Provide a certificate option. This simplifies the process and provides more flexibility. The functionality for generating self-signed certificates remains the same.

Note: At some point you’ll get a warning error message The TLS certificates of the following protocols have expired informing you that the certificate has expired. In that case you can reissue the certificate, selecting one of the above options.

Related Topics:

Tags: , ,