Communication with an insecure FTP server detected.
- Rule ID: php_lang_insecure_ftp
- Languages: php
- Source: insecure_ftp.yml
Communication with FTP servers should be done securely over SFTP in applications that process sensitive data. This rule checks if all FTP connections are made using SFTP.
✅ To ensure secure FTP connections are made, use the ftp_ssl_connect function
$ftp = ftp_ssl_connect("ftp.example.com");
OWASP Top 10
To skip this rule during a scan, use the following flag
bearer scan /path/to/your-project/ --skip-rule=php_lang_insecure_ftp
To run only this rule during a scan, use the following flag
bearer scan /path/to/your-project/ --only-rule=php_lang_insecure_ftp
Ready to take the next step? Learn more about Bearer Cloud.