Talk:FileZilla

Doc
The doc is way out of date. I'm gonna update the command lines here for posterity:

FileZilla does support some basic command line options. The supported options are:
 * URL: You can specify a URL FileZilla connect to when started
 * -d : Downloads the specified file from the server into the target dir
 * -u : Uploads the specified file into the target dir on the server. * has to be the full path of the file.
 * -t : Only valid together with -u or -d: Specifies an alternate name for the target file.
 * -s : A saved site

Example: filezilla.exe -u "c:\Program File\FileZilla\FileZilla.exe" ftp://user:pass@ftp.myserver.com/upload -t CoolProg.exe

WINE
A while back, I added in that it is known to work at least somewhat well on WINE, but that was deleted becuase 'almost any Windows application can'. Actually, my expirience tells me that very few can nowadays, so I was thinking that it might be appropriate to add in. Thoughts? WBHoenig 02:00, 25 August 2006 (UTC)
 * Please avoid WP:OR. I didn't remove the remark on wine, however it is true that wine runs A LOT of apps--especially the simple and popular open source ones.    It might be appropriate to mention that FZ 3 will have Linux support and that FZ 2 works under wine (with citations for both of these).  --Karnesky 02:37, 25 August 2006 (UTC)
 * Okay, then. You seem to have a lot more experience here than I do, so I'll let you decide WBHoenig 02:35, 19 November 2006 (UTC)

9x/ME
"As of version 2.2.23 FileZilla uses Unicode internally. As a result, it no longer runs on Windows 9x/ME."

This is helpful information -- but not as useful as it appears. The developer has abandoned Windows 9x/ME users, although the older versions seem to still be available. We need to know exactly what is the last best stable version we CAN use. 2.2.22 (2006-04-20 13:05)? Is there a usable changelog somewhere, organized by version number? 69.87.202.246 01:05, 12 January 2007 (UTC)

PortableApps suggests Win 95/98/ME use 2.2.22 which can be downloaded here. 69.87.199.253 02:16, 18 January 2007 (UTC)

Date/TimeStamp
It seems that it is impossible to upload a file with FTP and retain the original file Date/TimeStamp. If there is a way to do this with FileZilla -- How? It just has a setting for downloads. Uploaded files are timestamped with current time. I have just wasted a half day trying every possible way, with every program I can think of. Why is there such a limitation, and what ways might there be to get around it? I guess one could zip files into an archive and transfer them that way... But I don't know how to get them unpacked at the other end. What a big nuisance! 69.87.203.244 01:49, 12 January 2007 (UTC)

relation to Mozilla foundation?
Is there any? Mathiastck 18:32, 7 June 2007 (UTC)
 * None. --Prikryl 15:05, 10 June 2007 (UTC)

Controversy...
Perhaps somebody should add a section about the controversy regarding this product... I was a happy camper, until I found out that the latest version of the Filezilla client stored each user's passwords as plaintext! (Contrary to FZ2, where the passwords were at least encrypted somewhat).

Developer knowingly let this security breach pass, because he believed that it was the job of the OS to protect the password file... which is a fairly juvenile way to view Windows!

See his attitude for yourself. 206.248.139.177 03:02, 29 September 2007 (UTC)


 * I think the important point is encryption (in this context) provides a false sense of security. The developers of the IM software Pidgin, made a similar decision (See Pidgin (software) or Plain Text Passwords). --Dbolton 03:32, 2 October 2007 (UTC)


 * In this context i regard the citation for the above as insufficient. It is to some other software that also doesn't encrypt passwords and their justification of it. It is not independent. It may as well be to the filezilla page. equally since fz doesn't communicate this information to the user the point is moot. Flagpolewiki (talk) 15:46, 30 July 2013 (UTC)


 * But what users proposed for more than 6 years now is a Master Password. This is not security through obscurity, because you need something you know. If you'd use a keyfile too, you also need something you have. If this is "security through obscurity", then encrypting your system and logging in using a password is also "security through obscurity". I think the article should reflect better that passwordless encryption is not the proposed alternative to plaintext, but a Master Password is. PGP works the same way in synchronous encryption. Using a Master Password (and maybe even a key) prevents your son from "thinking he's funny" when you forgot to lock when you go to the toilet. A Master Password allows you to keep a portable version of FileZilla on a USB stick. A Master Password is the only solution when you have a Windows version lower than "Professional" because they don't support EFS home encryption, which makes those systems impossible to "secure" on a system level. The focus of the article should be more towards the inability of the developers to accept the logic behind these use cases, and their inability to acknowledge that Master Password is indeed the best solution for some. --Redsandro (talk) 16:45, 18 July 2014 (UTC)

" On Windows 7 and 8, users would need a Professional or higher license for NTFS Encrypting File System, or Enterprise for Bitlocker drive encryption in order to make your system secure enough for plaintext passwords, effectively making the other Windows editions insecure for using with FileZilla." This is false. Sure, disk encryption (let's not specify Microsoft's implementation since there are other (free) implementations available across OSes, eliminating the Professional+ requirement) can protect plain text AT REST. However, security isn't a "number" that is magically increased with disk encryption. More plainly it doesn't stop malware from reading plain text once the volume is mounted AT ALL (or any running process for that matter). Implying that disk encryption would make a system "secure" enough for plaintext is actually a DANGEROUS suggestion. The only secure suggestion I can make is to use a password manager like Keepass, Password Safe, etc... (which only keeps decrypted passwords in its memory as opposed to openly available on the filesystem and erases it properly when done). People in general should be using a password manager anyways (users only need to remember one password like from diceware, all generated passwords are unique and random preventing the ever so popular password reuse attack).23.91.149.126 (talk) 21:59, 10 June 2015 (UTC)

There is a recent fork called FileZilla Secure that looks to resolve this particular issue. Maybe it should be mentioned in the article next to the criticism in the opening paragraph? Shawnmb (talk) 09:20, 23 November 2016 (UTC)


 * Indeed Shawnmb. Feel free to add this mention to this article. Thanks for your help. Wget (talk) 17:25, 23 November 2016 (UTC)

Description of FileZilla for people who don't understand what it is
Hello everybody. I wanted to read the article about filezilla because I wanted to know what it is. Now I have read it and I STILL don't understand anything. Thus my suggestion: I think you guys who understand something about it should write an introduction to filezilla, which says what it actually is and what you can do with it, that also non-technical people understand. And why is the second point in the whole article that filezilla and filezilla server are not the same thing? Shouldn't there be first a clear point about filezilla? Please try to make this article more clear. Thanks :)--Tilmanb (talk) 07:06, 5 December 2007 (UTC)
 * Hi. I just checked the page out, and the first sentence reads "FileZilla Client is a free, open source, cross-platform FTP client", which in my very humble opinion is quite clear. Of course, a reader may not be familiar with the technical terms (open source, FTP client, etc), but it's clearly out of the scope of this page to explain those terms, and also they are all wiki links so an interested reader may check them out. A quick revision of the article's history shows that the quoted first sentence was exactly the same, so perhaps you can be a bit more precise on what is it that confused you? Cheers, SaulPerdomo (talk) —Preceding comment was added at 01:37, 31 January 2008 (UTC)

Userbox
If you use FileZilla, please feel free to put this userbox on your user page!

Notability
A notability notice was added to the top of the page. Since notability is clearly established in the first paragraph (7th most popular download of all time on SourceForge), there is no need to fill up the top of the page with unhelpful banners. If you feel more "independent" sources verifying its notability are required do a simple web search on "FileZilla Review". --dbolton (talk) 02:29, 7 January 2012 (UTC)
 * The notability tag was added four years ago, but the SourceForge listing should establish notability. The article definitely needs some better third party refs, including some reviews and such. I will see what can be found. - Ahunt (talk) 11:57, 7 January 2012 (UTC)
 * Sorry my mistake on the dates there. I have found some reviews, recommendations and quotes and have removed all the tags as a result of adding these to the article. - Ahunt (talk) 14:09, 7 January 2012 (UTC)

Citation needed
Sorry guys, but it is not good to cite every single in the feature description. This already created problem in endless Cite lists for other articles on Wikipedia. So don't start doing that over here. I removed the missing cite notes from the features list of FileZilla Server. --95.88.156.189 (talk) 17:47, 16 April 2012 (UTC)
 * See WP:V. It is challenged and has to be referenced or removed. - Ahunt (talk) 23:45, 16 April 2012 (UTC)

Forum as a ref
I realize forum cannot be cited however that's the guy himself postng it on there, and since it's his own support forums I think the statement about nuke launch codes would be vaid no? Primefalcon (talk) 00:38, 19 August 2012 (UTC)


 * The problem is that the posting is anonymous under the name "Site Admin", the forum moderator doesn't identify who they are, it could be the developer or it could be someone else. To make it worse they don't even give a complete answer to the issue. It just isn't a WP:RS. - Ahunt (talk) 10:37, 17 August 2012 (UTC)


 * Actually if you go into his user profile here: http://forum.filezilla-project.org/memberlist.php?mode=viewprofile&u=2 he does have his name listed, I dropped a screenshot into my Dropbox Pub folder for ref http://dl.dropbox.com/u/1212637/2012/08%20August/Screenshot%20from%202012-08-17%2018%3A44%3A46.png so yes its on a forum the guy himself controls and owns and its him posting the message in a public area... so I honestly don't see how this would be any different than say blog post... especialy when I cite the WP;RS with "with the exception of material on such sites that is labeled as originating from credentialed members of the sites' editorial staff, rather than users." and this is the site/program owner so I'd argue that yes... it is WP:RS Primefalcon (talk) 00:38, 19 August 2012 (UTC)


 * It is a weak solution, but better than nothing. I have added the ref in. It would be much better if this was addressed in a third party ref, like a magazine article or similar, which could be then quoted. - Ahunt (talk) 00:00, 18 August 2012 (UTC)


 * agreed 100% but I don't think the dev has really posted anywhere else regarding this.... and as you said... something is better than nothing, and considering if you do a search for flezilla plaintext passwords.... the fact you gt around 64000 results... I'd say this is a notable issue Primefalcon (talk) 00:46, 19 August 2012 (UTC)


 * Well please keep an eye out for a third party ref that discusses this and if we can find one we can add it in. The main aim is to improve the article and its references over time. - Ahunt (talk) 10:34, 19 August 2012 (UTC)

Private key files can still be stored encrypted
Actually I am not sure why a citation is needed here 100% since if your using sftp logins.. at least on Linux systems, it uses the .ssh back end which means that yes it will use key based log-ins,.. however this has nothing at all to do with the coding/programing of filezilla... however since this is more of a linux thing (I think), I am not sure if this feature would be available under windows at all... more info on key based logins using ssh here: http://en.wikipedia.org/wiki/Secure_Shell#Key_management... maybe a link to that wiki article would be more appropiate — Preceding unsigned comment added by Primefalcon (talk) 00:36, 19 August 2012 (UTC)


 * also more info can be found here: http://www.debian-administration.org/articles/152 Primefalcon (talk) 00:36, 19 August 2012 (UTC)


 * The tag is really for the claim "Private key files can still be stored encrypted..." We just need to cite a ref that says that is the case for FileZilla. The one above here doesn't deal with FileZilla. I will add the link to Secure Shell - Ahunt (talk) 00:07, 19 August 2012 (UTC)


 * it kinda does deal with filezilla, since for sftp logins, filezilla is simply using the ssh backend, and since ssh is capable of passwordless logins using encrypted keys.... so is filezilla by defacto.... if you do use a linux system set up an ssh key via ssh-keygen nd then copy it, and then simply log in using filezilla but just leave the password blank... it'll log you in, hence its simply using ssh for its sftp managment Primefalcon (talk) 00:36, 19 August 2012 (UTC)


 * I'll leave that for someone else to add though if someone else does, sine I am not 100% sure how to say that without it sounding like I am just knocking filezilla. Also I just took this screenshot from within filezilla's options http://dl.dropbox.com/u/1212637/2012/08%20August/Screenshot%20from%202012-08-19%2000%3A10%3A59.png Primefalcon (talk) 05:13, 19 August 2012 (UTC)

Clarification -
Hi

The opening paragraph says:

It supports FTP, SFTP, and FTPS (FTP over SSL/TLS). Support for SFTP (SSH File Transfer Protocol) is not implemented in FileZilla Server.[3]

Don't the two sentences sound contradictory? Thoughts please.

Regards — Preceding unsigned comment added by 203.91.193.7 (talk) 04:36, 15 December 2014 (UTC)


 * That is the difference between the client and the sever software. I think it is fairly clear there, but does it need further clarification? - Ahunt (talk) 17:25, 15 December 2014 (UTC)

Relevance of "Release history"?
The section Release history is not only outdated, but contains trivial information that is available from the project if someone really needs it. Unless I am underestimating the importance of the project (e.g. compared to products like major operating systems that are detailed this way on Wikipedia), I wouldn't think this is something that belongs here. ChrstphrChvz (talk • contribs) 05:12, 7 August 2016 (UTC)


 * Completely agree with your point of view. Removed. Wget (talk) 17:46, 11 December 2016 (UTC)

External links modified
Hello fellow Wikipedians,

I have just modified one external link on FileZilla. Please take a moment to review my edit. If you have any questions, or need the bot to ignore the links, or the page altogether, please visit this simple FaQ for additional information. I made the following changes:
 * Added archive https://web.archive.org/web/20140217072046/http://sourceforge.net/potm/potm-2003-11.php to http://sourceforge.net/potm/potm-2003-11.php

When you have finished reviewing my changes, you may follow the instructions on the template below to fix any issues with the URLs.

Cheers.— InternetArchiveBot  (Report bug) 16:14, 30 September 2017 (UTC)


 * Checked. LGTM. 2A02:2788:134:1B15:0:0:0:3 (talk) 16:51, 30 September 2017 (UTC)

Version info not updating
The version history (for FileZilla Client, at least) is being pulled from https://filezilla-project.org/versions.php and parsed into the infobox, but it appears to not be pulling in updated info. For example, the article shows the current stable release as "3.40.0 (25 January 2019; 48 days ago)" when, 3.41.1 was released on 06 March 2019, and is reflected in the versions.php document that is being used for such information updates. — Preceding unsigned comment added by SyberCorp (talk • contribs) 14:36, 14 March 2019 (UTC)
 * It is all done manually at Template:Latest stable software release/FileZilla. I just updated it, but you may want to "watch" that page! - Ahunt (talk) 15:01, 14 March 2019 (UTC)

FileZilla Pro?
It might be relevant to mention FileZilla Pro which is also available on the website. — Preceding unsigned comment added by 67.53.137.36 (talk) 20:57, 8 October 2020 (UTC)

Offer-enabled installer.
I have a bias when it comes to end-user agreements so I am not sure if this is something worth mentioning in the article but today when I was gonna installed this app, I noticed the .exe file was named sponsored setup, so I decided to read the License agreement completely and found out that at the end it had an additional text that differed from what is found on https://filezilla-project.org/license.php. The text reads like this:

''Additional data processing in this Installer

''This is an offer-enabled installer that incorporates additional software by ironSource, which is an independent data controller. Their separate privacy policy is available at https://www.installcore.com/legal/privacy/''

By continuing, you also agree to ironSource's privacy policy and give consent that during the installation process, some information like your system configuration is collected by ironSource from your computer representing personal data according to the GDPR.

Should you object to this data processing, you might wish to choose an alternative installer from https://filezilla-project.org/download.php?show_all=1 that isn't offer-enabled.''

I used the other setup file after reading that so no idea if it installs an additional software or not. --Frodfy (talk) 02:25, 26 March 2021 (UTC)


 * I think that this is already covered at FileZilla. - Ahunt (talk) 13:02, 26 March 2021 (UTC)
 * It is a similar issue. But in the 4th of the article, there is a claim that they had stopped doing it. Anyway, I think there is enough coverage on their shadiness, I just don't think that that 4th quote should be in the short description--Frodfy (talk) 06:48, 27 March 2021 (UTC)