Skip to main content

FTP Publishing and the Security Challenge

FTP Publishing, as a way of letting us publish blogs to non BlogSpot URLs, presents many challenges - both to us, and to Blogger. I've written, repeatedly, about the stability and the support, issues. There's a third issue - security - which has several interesting details.

One of the reasons why FTP Publishing is a major challenge for everybody is that there are 3 parties involved in the process - you (the bloggers), Blogger (Blogger Support), and your host server (the host server support staff). Each of the 3 parties has to protect itself, because each of the 3 parties is at risk from the FTP publishing process.
  • You connect your computer to Blogger , and the Blogger FTP publishing server ("publisher"). And you connect your computer to the remote host. That's two sets of computers that you don't own, or control. And that's two sets of risks.
  • Blogger connects its computers to yours (permits you to connect to theirs), and they connect their computer (FTP "publisher") to your remote host (as well as to thousands of other remote host servers). Again, two sets of risks.
  • Your host server has to accept a connection from the Blogger publisher, as well as dozens of other computers used by you, and by others of their customers, like you.
  • With Blogger blogs published to BlogSpot, or to a Google server, Google can monitor content, and verify that it's not in violation of Blogger / Google TOS. With Blogger blogs published by FTP to an external server, this is not true. It's a trivial matter to publish non Blogger content on a web site that accepts FTP published content.


Any computer, directly connected to the Internet, exposes itself to immense security risks. Anybody with a computer connects their computer to the Internet through a firewall. In order to connect to any computer through the Internet, a hole has to be made through the firewall.

When Blogger connects their computer to your host server, they open a small hole in their firewall, and require that your host server open a bigger hole in theirs. PASV FTP, which is the way Blogger connects to your host server, requires a small security risk at the client end (Blogger), and a larger security risk at the server end (your host server). Not all host server support staff are willing to make the necessary security changes required. Some negotiation is required, when setting up FTP Publishing, from time to time.

>> Top

Comments

Popular posts from this blog

Stats Components Are Significant, In Their Own Context

One popular Stats related accessory, which displays pageview information to the public, is the "Popular Posts" gadget.

Popular Posts identifies from 1 to 10 of the most popular posts in the blog, by comparing Stats pageview counts. Optional parts of the display of each post are a snippet of text, and an ever popular thumbnail photo.

Like many Stats features, blog owners have found imaginative uses for "Popular Posts" - and overlook the limitations of the gadget. Both the dynamic nature of Stats, and the timing of the various pageview count recalculations, create confusion, when Popular Posts is examined.

Help! I Can't See My Blog!

I just posted to my blog, so I know that it's there. I can tell others are looking at it. But I can't see it.

Well, the good news is you don't have a blog hijack or other calamity. Your blog is not gone.

Apparently, some ISPs are blocking *.blogspot.com, or maybe have network configuration or infrastructure problems. You can access Blogger.com or you can access Blogspot.com, but you can't access nitecruzr.blogspot.com, or bloggerstatusforreal.blogspot.com.

You can't access them directly, that is. If you can access any free, anonymous proxy servers, though, you may be able to access your blog.

Note: You can use PKBlogs with the URL pre packaged. Here is the address of this post (with gratuitous line breaks to prevent the old post sidebar alignment problem):
http://www.pkblogs.com/bloggerstatusforreal.blogspot.com/
2006/07/help-i-cant-see-my-blog.html


And an additional URL, to provide to those suffering from this problem, would be the WordPress version of this post:
ht…