How to make Secure FTP with desigining

The IIS-based FTP service (MSFTPSVC) supports both active and passive mode connections, depending on the method that is specified by the client. IIS does not support disabling either active or passive mode connections, due to the lack of such a feature in RFC 959. Unlike HTTP and most other protocols used on the Internet, the FTP protocol uses a minimum of two connections during a session: a half-duplex connection for control, and a full-duplex connection for data transfer. By default, TCP port 21 is used on the server for the control connection, but the data connection is determined by the method that the client uses to connect to the server.

Configure FTP Firewall Settings:

Setup Passive Port Range for the FTP Service:

• Go to IIS 7.0 Manager. In the Connections pane, click the server-level node in the tree
• Double-click the FTP Firewall Support icon in the list of features.
• Enter a range of values for the Data Channel Port Range.
• Once you have entered the port range for your FTP service, click Apply in the Actions pane to save your configuration settings.

external IPv4 Address for a Specific FTP Site:

• Go to IIS 7.0 Manager. In the Connections pane, click the server-level node in the tree.
• Double-click the FTP Firewall Support icon in the list of features.
• Enter a range of values for the Data Channel Port Range.
• Once you have entered the port range for your FTP service, click Apply in the Actions pane to save your configuration settings.

IS does not support SSL, but there are some 3rd party products that do support it.