Better FTP Configuration Instructions
The current FTP Connection Settings instructions in cPanel mention SFTP even when SFTP is not possible because of shell being disabled.
There is no mention of TLS connection settings even when Service Configuration » FTP Server Configuration has it optional or required in the TLS Encryption Support field.
This leads many users into a confused state and if they try SFTP too many times they may end up getting blocked if certain firewalls are used or annoyed that they cannot connect at the very least, which will result in a trouble ticket to the hosts support desk in most if not all cases where a user has found these instructions.
The system should not offer SFTP options if an account has no shell, and it should offer TLS options if TLP is allowed or required.
New configuration files should also be made available for TLS.
I like this idea 
cPanel, WebHost Manager and WHM are registered trademarks of cPanel, L.L.C. for providing its computer software that facilitates the management and configuration of Internet web servers.
I'd like to add a few enhancements to the above:
The configuration files and instructions should display the correct FTP host if the TLS option is required by server admin's settings in Service Configuration » FTP Server Configuration. (Server's primary hostname NOT domain.com)
If this setting is disabled or optional, then similar rules should apply where, the configuration files and instructions should display the correct
FTP host if the TLS option is not selected by the user (even though available) or disabled by admin in Service Configuration » FTP Server Configuration. In this case FTP host would simply be ftp.domain.com or domain.com not the server's hostname.
If TLS is selected by the user (if admin has made it an option), and a self-signed SSL is installed, or the CA-signed SSL is expired, the instructions should tell the user about the security exception they are required to accept in their FTP application.
This could be made possible (using existing cPanel/WHM functions) when the system detects a self-signed or expired SSL (As it's done in "Service Configuration »Manage Service SSL Certificates)
else, no warning/instructions should be necessary for the user in regards to "SSL certificate exception."
I'd like to add a few enhancements to the above:
The configuration files and instructions should display the correct FTP host if the TLS option is required by server admin's settings in Service Configuration » FTP Server Configuration. (Server's primary hostname NOT domain.com)
If this setting is disabled or optional, then similar rules should apply where, the configuration files and instructions should display the correct
FTP host if the TLS option is not selected by the user (even though available) or disabled by admin in Service Configuration » FTP Server Configuration. In this case FTP host would simply be ftp.domain.com or domain.com not the server's hostname.
If TLS is selected by the user (if admin has made it an option), and a self-signed SSL is installed, or the CA-signed SSL is expired, the instructions should tell the user about the security exception they are required to accept in their FTP application.
This could be made possible (using existing cPanel/WHM functions) when the system detects a self-signed or expired SSL (As it's done in "Service Configuration »Manage Service SSL Certificates)
else, no warning/instructions should be necessary for the user in regards to "SSL certificate exception."
Replies have been locked on this page!