Skip to main content

FTP Publishing and the Security Challenge

FTP Publishing, as a way of letting us publish blogs to non BlogSpot URLs, presents many challenges - both to us, and to Blogger. I've written, repeatedly, about the stability and the support, issues. There's a third issue - security - which has several interesting details.

One of the reasons why FTP Publishing is a major challenge for everybody is that there are 3 parties involved in the process - you (the bloggers), Blogger (Blogger Support), and your host server (the host server support staff). Each of the 3 parties has to protect itself, because each of the 3 parties is at risk from the FTP publishing process.
  • You connect your computer to Blogger , and the Blogger FTP publishing server ("publisher"). And you connect your computer to the remote host. That's two sets of computers that you don't own, or control. And that's two sets of risks.
  • Blogger connects its computers to yours (permits you to connect to theirs), and they connect their computer (FTP "publisher") to your remote host (as well as to thousands of other remote host servers). Again, two sets of risks.
  • Your host server has to accept a connection from the Blogger publisher, as well as dozens of other computers used by you, and by others of their customers, like you.
  • With Blogger blogs published to BlogSpot, or to a Google server, Google can monitor content, and verify that it's not in violation of Blogger / Google TOS. With Blogger blogs published by FTP to an external server, this is not true. It's a trivial matter to publish non Blogger content on a web site that accepts FTP published content.


Any computer, directly connected to the Internet, exposes itself to immense security risks. Anybody with a computer connects their computer to the Internet through a firewall. In order to connect to any computer through the Internet, a hole has to be made through the firewall.

When Blogger connects their computer to your host server, they open a small hole in their firewall, and require that your host server open a bigger hole in theirs. PASV FTP, which is the way Blogger connects to your host server, requires a small security risk at the client end (Blogger), and a larger security risk at the server end (your host server). Not all host server support staff are willing to make the necessary security changes required. Some negotiation is required, when setting up FTP Publishing, from time to time.

>> Top

Comments

Popular posts from this blog

Adding A Link To Your Blog Post

Occasionally, you see a very odd, cryptic complaint I just added a link in my blog, but the link vanished! No, it wasn't your imagination.

Embedded Comments And Main Page View

The option to display comments, embedded below the post, was made a blog option relatively recently. This was a long requested feature - and many bloggers added it to their blogs, as soon as the option was presented to us. Some blog owners like this feature so much, that they request it to be visible when the blog is opened, in main page view. I would like all comments, and the comment form, to be shown underneath the relevant post, automatically, for everyone to read without clicking on the number of comments link. And this is not how embedded comments work.

What's The URL Of My Blog?

We see the plea for help, periodically I need the URL of my blog, so I can give it to my friends. Help! Who's buried in Grant's Tomb, after all? No Chuck, be polite. OK, OK. The title of this blog is "The Real Blogger Status", and the title of this post is "What's The URL Of My Blog?".