How to Create FTP Server in Windows 10?

File Transfer Protocol (FTP) remains a popular method for transferring files between computers. While cloud storage services are gaining traction, FTP servers offer benefits like direct control and customization. This guide will walk you through creating an FTP server on your Windows 10 PC, complete with username and password authentication for secure access.

 

 

 

Why Create an FTP Server on Windows 10?

There are several reasons you might choose to set up an FTP server on your Windows 10 machine:

• Direct File Sharing: Easily share files with colleagues, friends, or clients without relying on third-party services;
• Offline Access: Unlike cloud storage, FTP servers allow authorized users to access files even without an internet connection (assuming they've downloaded them beforehand);
• Customization: FTP servers offer more control over file access permissions compared to some cloud storage solutions.

 

Things to Consider Before Setting Up an FTP Server:

• Security: An FTP server exposes your files to the network, so proper security measures like firewalls and strong passwords are crucial;
• Alternatives: For basic file sharing, cloud storage services might be a simpler option;
• Technical Knowledge: Setting up an FTP server requires some technical knowledge, but this guide will break it down into manageable steps.

    
    
    

 

 

What are the different types of FTP: FTP, FTPS, and SFTP

 

Before you start configuring an FTP server, it is important to understand that there are several types of file transfer protocols. Each has its own characteristics in terms of security, compatibility, and scope of application.

Below is a comparison of classic FTP, secure versions of FTPS (Explicit and Implicit), and the alternative SFTP solution, which is often used in system administration and DevOps environments. The information provided there will help you choose the most suitable option for your scenario, whether it is a local server, corporate network, or public access via the Internet.

 

Table - Comparison of FTP types

Protocol	Security	Default Ports	How It Works	Advantages	Disadvantages	Best Use Case	Support in Windows 10 (IIS)
FTP	No encryption (login and data sent in plain text)	21 (control), dynamic range for passive mode	Classic two-channel protocol (control + data)	Simple, widely supported, minimal overhead	Insecure on public networks; NAT/firewall issues with passive ports	Isolated internal networks, temporary file sharing	Fully supported
FTPS (Explicit TLS)	TLS/SSL encryption for both control and data channels	21 (+ passive port range for data)	Starts as FTP, then client requests encryption (AUTH TLS)	Backward compatible with FTP; flexible configuration	More complex firewall/passive mode setup; requires certificates	Public or corporate FTP with security compliance needs	Supported (via IIS with certificate)
FTPS (Implicit TLS)	Always encrypted (TLS from first packet)	990 (+ passive ports)	Fully encrypted session from the start	Enforced encryption, simpler security model	Rarely used; limited compatibility	Legacy systems using port 990	Partially supported (requires compatible clients)
SFTP (SSH File Transfer)	Full SSH encryption	22 (single port)	Operates over SSH; single channel for control and data	Easier firewall/NAT configuration; key authentication; high security	Not compatible with FTP/FTPS; requires different clients/servers	Administration, DevOps, or external access behind strict firewalls	Not supported in IIS; use OpenSSH or a third-party server

 

How to choose the right option for you?

• If you are configuring FTP via IIS and want to keep things simple and compatible, FTPS (Explicit TLS) is the best choice. It provides data encryption and is supported by most modern FTP clients, including FileZilla and WinSCP.
• If reliable operation behind a corporate firewall is important to you or you require key-based authentication, use SFTP. This option is more secure, easier to configure with NAT, and preferred by administrators and DevOps teams.
• If the server only operates on a local network (e.g., within an office), you can stick with regular FTP, but it is still recommended to enable FTPS support - even basic encryption reduces the risk of password leaks.
• If your infrastructure includes older systems that use port 990, you may want to consider FTPS (Implicit). This option is becoming less common, but remains relevant in some enterprise solutions.

 

 

 

 

 

Setting Up the FTP Server in Windows 10 (IIS)

 

Note: IIS (Internet Information Services) is a built-in server component of Windows that allows you to host web applications, FTP, and SMTP services without installing third-party software.

Windows 10 utilizes Internet Information Services (IIS) to manage various web services, including FTP. Here's how to create and configure your FTP server:

 

Enabling IIS and necessary components

1. Press Win + R, enter the command optionalfeatures.exeand press Enter.
2. In the Windows Features window, expand Internet Information Services.
3. Select the following components:
   • Web Management Tools → IIS Management Console
   • FTP Server → FTP Service
   • FTP Server → FTP Extensibility
4. Press OK and wait for the installation of IIS and FTP components to complete.

 

Creating a new FTP site

1. Open IIS Manager (in the Start menu, type “IIS” or “Internet Information Services Manager”).
2. In the left pane, Connections, expand your computer name.
3. Right-click on the Sites section and select Add FTP Site….
4. In the Site name field, enter a meaningful name, for example:My FTP Server.
5. In the Physical path field, specify the folder that will be the root directory of the FTP server (for example, C:\FTPShare).
6. In the Binding and SSL Settings step:
   • IP Address - leave All Unassigned or select a specific IP address;
   • Port - the default is 21;
   • SSL - select No SSL for now (encryption can be enabled later when configuring FTPS).
7. Click Finish to create the FTP site.

 

Configuring authentication and permissions

1. In the list of sites, select the FTP site you created.
2. Double-click FTP Authentication → enable (Enable) Basic Authentication.
3. Go to FTP Authorization Rules → select Add Allow Rule…:
   • Specified users - specify the names of Windows users who will be allowed access;
   • Select access rights: Read or Read/Write.
4. Check NTFS permissions for the FTP folder - users must have the appropriate permissions at the file system level.

Configuring passive mode and firewall (recommended)

1. In the IIS root, select the server → open FTP Firewall Support.
2. Specify the port range for passive mode (for example, 50000-50100) and, if necessary, External IP Address.
3. In Windows Firewall, add inbound rules for:
   • TCP 21 - main FTP port;
   • Range 50000–50100 - passive connections.

 

After these steps, the FTP server is ready to use. You can now test the connection locally and, if necessary, proceed to secure the connection using FTPS.

 

 

 

Adding users and configuring authorization rules

After creating an FTP site in IIS, you need to add users who will be allowed access and set their permissions - read or read/write. In Windows 10, the FTP server uses standard system accounts, so you need to create a separate profile for each user.

 

Configuring user accounts

To allow users to connect to the FTP server using a username and password, create local accounts for them in Windows:

1. Open Start → Settings → Accounts → Family & other users.
2. Click Add someone else to this PC.
3. Select I don't have the person's sign-in information.
4. In the next window, click Add a user without a Microsoft account.
5. Enter a username and password - this information will be used to log in to FTP.
6. After creation, make sure that the new user has access to the folder selected as the FTP root directory (via folder properties → Security tab → Add → specify username → assign permissions).

For security reasons, do not use administrator accounts. Create a separate FTP user with the minimum necessary permissions.

 

Configuring FTP authorization rules

Once users have been created, you need to grant them access rights to the FTP site in IIS:

1. Open IIS Manager and select the FTP site you created.
2. Double-click FTP Authorization Rules.
3. In the right pane, click Add Allow Rule….
4. In the window that opens, select Specified users and enter the name of the user you created.
5. Set the desired permissions:
   • Read - read only (downloading files);
   • Read and Write - full rights (uploading and downloading).
6. Click OK to save the rule.

Now the user will be able to connect to your FTP server using the login and password created in Windows and perform actions within the scope of the permitted rights.

 

 

 

Starting the FTP Server

 

Start the FTP Service

In the IIS Manager, right-click on your FTP site and select Start.

 

Connect using an FTP Client

Download and install an FTP client software on another computer that needs to access your server. Popular options include FileZilla.

  

 

 

Checking the connection to the FTP server locally

 

Once you have created a new FTP site in IIS, you should make sure that the server is running correctly and accepting connections. The easiest way to do this is to check access locally using the standard FTP client built into Windows.

 

Open the command prompt

Press Win + R, type cmd, and press Enter to launch the Windows command prompt.

 

Connect to the server

Enter one of the following commands:

ftp localhost 

or

ftp 127.0.0.1 

These commands refer to the server running on your computer. If everything is configured correctly, you will be prompted to enter your username and password.

 

Enter your credentials

Enter the username and password you created earlier in the “Adding users” section.

If the connection is successful, you will see a message similar to:

Connected to localhost. 220 Microsoft FTP Service User (127.0.0.1:(none)):

 

 

Check the navigation commands

Try executing a few basic FTP commands:

ls cd get test.txt put upload.txt

This will allow you to verify that the server accepts and transfers files without errors.

 

End the session

To exit the FTP session, execute the command:

bye

 

 

If the connection is established successfully, it means that the server is working correctly and you can proceed to the next step. If the connection fails, double-check that the FTP server service is running, port 21 is not blocked by a firewall, and the correct IP address is selected in the IIS settings.

 

 

Connecting from a Client

Open the FTP client and enter the following information:

Host: The hostname or IP address you specified during FTP site creation (e.g., localhost for local access).
Username: The username you created for FTP access.
Password: The password associated with the FTP username.
Port: By default, the FTP port is 21.

 

Click Connect. If everything is configured correctly, the FTP client should establish a connection to your server, allowing you to browse, upload, and download files within the designated directory.

 

 

Important Security Considerations

 

Configuring an FTP server is not only a matter of functionality, but also security. Since the server provides access to your files over the network, even for local use, it is important to protect against unauthorized access and data leaks.
Before granting access to other users, make sure your server is securely protected: use complex passwords, control network connections, and limit access rights to only the necessary permissions. Let's summarize:

• Strong Passwords: Always use strong, unique passwords for both your Windows user accounts and the FTP login credentials;
• Firewall Rules: Configure your firewall to allow incoming connections on port 21 (the default FTP port) only for authorized users;
• Disable Anonymous Access: Ensure anonymous access to your FTP server is disabled to prevent unauthorized users from accessing your files;
• Limit User Permissions: Only grant users the minimum permissions they need to access specific files or folders within the FTP server directory.

 

 

 

 

How to secure an FTP server with SSL (FTPS)

 

Regular FTP transmits data and passwords in plain text, which makes the connection vulnerable to interception. To secure access and increase security, you can enable FTPS (FTP over SSL/TLS) support directly in the IIS settings. This will encrypt all traffic between the client and the server.

 

Install an SSL certificate

Before enabling FTPS, make sure you have a valid SSL certificate. This can be:

• a self-signed certificate (for testing);
• or a certificate issued by a trusted certification authority.

 

In IIS, you can create a self-signed certificate by selecting the following from the server menu:

Actions → Create Self-Signed Certificate → Specify a name.

 

Enable FTPS in the site settings

1. Open IIS Manager.
2. Select your FTP site from the list of sites.
3. Double-click FTP SSL Settings.
4. In the SSL Certificate field, select the certificate you created or installed.
5. In the Control Channel section, set the Require SSL option (mandatory encryption).
6. Click Apply to save the settings.

 

Now your server only accepts secure FTPS connections. When connecting via a client (e.g., FileZilla), select the connection type "Require explicit FTP over TLS".

If the server is only used on a local network, a self-signed certificate is sufficient. For public access, it is better to use Let's Encrypt certificates or commercial options - this will prevent trust errors and improve the reputation of the site or server.

 

 

 

Alternatives to Setting Up a Windows FTP Server

 

While creating an FTP server on Windows 10 offers customization and control, it might not be the most suitable option for everyone. Here are some alternatives to consider:

• Cloud Storage Services: Many cloud storage services like Dropbox or Google Drive offer file sharing capabilities with user management and access control features. These services are often easier to set up and manage compared to a self-hosted FTP server.
• VPS Hosting: If you require a more robust and scalable solution, consider purchasing a Virtual Private Server (VPS) with pre-configured FTP server capabilities. This option offers increased security and performance compared to a home network server.

 

 

 

In summary, setting up your own FTP server in Windows 10 is an excellent way to establish convenient and controlled file sharing without the involvement of third-party services. By following the steps in this guide, you can quickly launch a working server and securely connect to it from other devices.
The main thing is to remember about security: use strong passwords, restrict access, and monitor your firewall settings.
If you need a more scalable or 24/7 solution, consider cloud services or VPS hosting - they will provide stability and protection without the need for constant administration.