SSH, SFTP, FTPS, and FTP credentials enable Jetpack VaultPress Backup to restore your site if necessary. They can also be used to connect to your site to back it up if Jetpack ever becomes disconnected from your site. These credentials also allow Jetpack users with a Jetpack Scan plan to fix threats found in security scans.
What are SSH, SFTP, FTPS, and FTP credentials?
Every WordPress site is hosted on a server – this is where the files, directories, programs, and services that make up your site are located.
SSH (Secure Shell), SFTP (SSH File Transfer Protocol), FTPS (a.k.a FTP-SSL, and FTP Secure), and FTP (File Transfer Protocol) are different types of server credentials. These credentials allow you, or a service like Jetpack VaultPress Backup, to directly access the server that’s powering your website.
Server credentials are unique and different from:
- Your WordPress.org login
- Your WP Admin login
- Your WordPress.com login
- Your host’s control panel or dashboard login
SSH, SFTP, FTPS, and FTP credentials provide a way to transfer files from one host to another. The manner in which this happens is different for each method:
- SSH (Secure Shell)
- SFTP – SSH File Transfer Protocol
- FTPS (FTP-SSL – FTP Secure)
- FTP – File Transfer Protocol
Why does Jetpack need my server credentials?
We need credentials in order to restore your files and data. We can also use these to connect for backups if the Jetpack connection isn’t working. It is by far the most efficient and reliable way to back up the potentially large amounts of data involved with running a site.
File Access Permissions
File access permissions are a set of instructions that dictate who may access and modify WordPress files and folders. The server credentials you add to Jetpack VaultPress Backup will need full read and write access to the directory your WordPress is installed in, for actions like:
- Backing up your site’s files (read access)
- Restoring your site’s files (write access)
- Uploading the helper script. This script is used to fetch data from your site efficiently. It can walk directory trees, hash files, fetch WordPress config information, and fetch database tables. They expire automatically 6 hours after being uploaded to the server. They’re unique to the server that uploaded them, and only that server can access them due to randomly generated keys only the uploading server knows about.
Full read and write permissions settings might vary depending on your host, so we are unable to tell you the exact permissions you’ll need. If you have any trouble, you can contact your host’s support team and point them to this documentation, and they should know how to help. They may even provide instructions in their support documentation.
We will never use your server credentials for anything other than backups and restores without asking your permission first.
Which credential type do you recommend?
We recommend SSH, as it’s the most robust, secure, and efficient protocol. If your host doesn’t allow SSH access, we recommend SFTP as the next best option, as it provides security beyond what FTP offers. If neither SSH or SFTP are offered by your host, adding FTP credentials to Jetpack VaultPress Backup is still better than having no credentials added.
A few additional considerations:
- Currently, Jetpack VaultPress Backup can only use unencrypted private keys for SSH and SFTP. These are keys without a password or passphrase.
- We can accept credentials using FTPS protocol, but we do not recommend it since it is a deprecated protocol.
Where do I find these credentials?
Your host provides these credentials for you. You will often receive these details via email when you first create a hosting account. If you’re unsure about what these credentials are, how they work, or why we need them, you can read more about that in our SSH, SFTP, FTP Credentials guide.
If you have issues adding your credentials to Jetpack VaultPress Backup, we recommend contacting your hosting provider for support. When you reach out to your hosting provider, you can share the following with them:
I’m in the process of setting up my site on VaultPress Backup, and I need server credentials to enter into the plugin so that it can perform backups and restores on my website. Could you help me determine the correct information for the following items:
- Protocol: FTP is fine, but SSH or SFTP would be ideal.
- User: The user needs to have read and write permissions for my site’s files on the server. More on why VaultPress Backup needs read and write permissions can be found here. Note: the
rootuser cannot be used.
- Password: If using SSH credentials, this password is optional.
- Host/IP Address: If my site uses Cloudflare, I require the IP address for the server my site is located on, otherwise the URL that points to my site on the server is fine.
- Port: Should the port be 21, 22 or something else?
- SSH Private Key: If using SSH, the SSH private key cannot be password protected and must use OpenSSH format. Password protected private keys and/or keys in PuTTY format are not supported.
- WordPress Path: The WordPress path should point to the folder on the server where my WordPress instance lives.
How do I add server credentials?
Please see our Adding Credentials to the Jetpack Plugin documentation for guidance on adding your server credentials to Jetpack VaultPress Backup.