FileZilla Forums

I'm running RHEL 7 and FileZilla 3.10.1.1.
We have been instructed to remove all insecure protocols from our system.
FileZilla has the ability to SFTP, FTP (unsecure) and FTP over TLS.

Q: How can I prevent FileZilla from using, or attempting to use, the unsecure FTP protocol?

There is no point in disabling insecure protocols if you run outdated software. You first need to update to the most recent version of FileZilla.

My apologies for being un-clear. For various contraractual reasons, we CANNOT upgrade the software at this time. It is integrated into other custom software. The FileZilla RE tells me that the later versions cannot run on RH Enterprise Linux. No idea if it is true or not. Not my bailiwick, but if you know, I'll pass it on.

We had a blue team find that ports 20 & 21 were active. We now have a POA&M to prevent this from happening. This need to happen in a shorter time frame than updating out software. Software updates can take 9 months, I have 2 months to fix the POA&M.

Let's not quibble over things that I cannot change.

There is no way to disable specific protocols.

Recent versions of FileZilla require explicit user confirmation before using an insecure protocol.

Thanks, that's helpful. Is there a way to prevent it all together? If not, can you say why it is not possible?

There is no need to disable protocols. If the user wants to use some protocol, despite the warnings about it being insecure, then so be it.

That's what I need to know. Thank you.