Discussion in 'Plugins/Modules/Addons' started by cfoe, Jun 5, 2012.

  1. cfoe

    cfoe ISPConfig Developer

    Hi Guys,
    ISPConfig 3 is still lacking a WebFTP-Client (nearly) runnning "out-of-the-box".
    Due to the feature request I totally support I will give it a shot by bridging AjaXplorer to the ISPConfig frontend.

    "Watch" the repo on GitHub to let me know you like the functionality and/or post below.

    Discussion: down below


    Main characteristics:
    • password-less login for admins/owner from within ISPC-Frontend
    • Deployment via ISPC repository feature ( -> One-Click-Installation (planned)

    And as always: Contributations are always welcome
  2. cfoe

    cfoe ISPConfig Developer

  3. cfoe

    cfoe ISPConfig Developer

    Please move to: Plugins/Modules/Addons
  4. cfoe

    cfoe ISPConfig Developer

    Should ist be possible for admins to login to a FTP account without password?
  5. till

    till Super Moderator

    This would be nice on one hand. But you would have to store cleartext passwords for that as ajax explorer would not be able to login to the FTP account of the website without it. And thats a thing that I would never do on my own server and I guess when a ISP has to explain to his customers that all their passwords were stored in cleartext in case that he got hacked, he will be out of business soon.
  6. cfoe

    cfoe ISPConfig Developer

    Maybe there is a way without clear text pw.

    I'll keep you posted.

    Other CPs are doing it somehow. Maybe not via FTP but in file manager mode or something.
    Ajaxplorer seems very flexible
  7. Croydon

    Croydon HowtoForge Supporter

    Some of them store cleartext passwords (like plesk does).
  8. till

    till Super Moderator

    I guess if customers would know that plesk stores their passwords unencrypted, then they would switch to a ISP that has higher security standards. Do you remember the bad press when companys lost their user database incl. passwords due to hackers with weak password encryption like linkedin, so everyone could imagine what the users would say if a company says "oh, we lost your passwords and they were not encrypted at all".

    I wonder if a company is liable for damages that occur for not taking care of user passwords in a appropriate way, I guess this might be even grossly negligent.
  9. Croydon

    Croydon HowtoForge Supporter

    I was kind of surprised when I saw that they are stored in cleartext. I wouldn't expect that from a big panel.
  10. cfoe

    cfoe ISPConfig Developer

    I think the bigger the company the easier they get away with something like this.

    Look at the Sony Network incident. No consequences for Sony :mad:
  11. Imam86

    Imam86 New Member

    Worth to try


    Yes.. every people are missing web-ftp in ISP Config 3.

    Now I'm just using net2ftp in my ISPConfig.

    I'll try this module and add your repo, too..

  12. cfoe

    cfoe ISPConfig Developer

    thanks for your post and your interest but the project currently has a pretty low priority for me. I do need the module bad too but I do not have enough time at the moment to develop all planned projects as fast as I would like.

    Help is always welcome. Just contact me or just fork the github repo :)
  13. Nilpo

    Nilpo HowtoForge Supporter

    Are any of your projects still active? All of the repos are down it seems.

Share This Page