File Transfer Protocol (FTP/SFTP)

When hosting your WordPress site on WP Engine, you may need to connect directly to your website’s filesystem. On other platforms you may already be used to using FTP. At WP Engine we use SFTP which works the same, except it uses a layer of encryption for security and is restricted to a secured port.

Most commonly you’ll need SFTP access when migrating your site, performing a partial restore, or while editing/accessing a specific file (such as the wp-config.php file).


SFTP Clients

Before you can connect to your site’s file system, you’ll need access to a compatible client. While we don’t restrict the programs you can use, but a program may not be compatible. We recommend one of the following clients:

While you are free to use the SFTP client of your choice, your SFTP client will need to use one of the following supported ciphers:

  • aes192-ctr
  • aes256-ctr

We do not support SFTP ciphers: SHA1, aes128-ctr, CBC, RC4, 3DES, MD5, and RIPEMD for security reasons. If your SFTP client uses one of these ciphers, it will not work properly with our platform.

NOTE: Before connecting, always ensure your client is updated, as this is a common cause of connection issues.


Add SFTP User

Along with an SFTP client you will need SFTP credentials. These are not your wp-admin or User Portal credentials. Each set of SFTP credentials will only work for one environment.

  1. Log in to the User Portal
  2. Select the environment you wish to connect to
  3. Click SFTP Users
  4. Click Add SFTP User
  1. Fill out the following required fields:
    • Username — Your environment name will be appended to this automatically after saving:
      • EX: environmentname-username
    • Password — You can securely generate a random password by clicking the lock icon, or set a password with the following requirements:
      • At least 8 characters
      • Uppercase and lowercase letters
      • Include numbers and special characters
      • Once the password has been set it cannot be viewed again. If you lose the password, you will have to set a new one. Be sure to copy or write the password down before saving.
    • Path (Optional) — A specific directory to connect to. Defaults to the root if left blank.
      • Must be a relative path, starting with a forward slash.
      • Do not include HTTP/HTTPS, or your domain.
      • Any subdirectory below the path defined can also be accessed. Any directory above the path defined cannot be accessed.
      • To restrict a theme developer to all theme directories: /wp-content/themes/
      • To restrict a vendor to media uploads from April 2019: /wp-content/uploads/2019/04/
    • Environment
  2. Click Add SFTP User

Edit SFTP User

To edit an existing SFTP user:

  1. Log in to the User Portal
  2. Select the environment you wish to connect to
  3. Click SFTP Users
  4. Click on an existing username
  5. Fill in a new password with the following requirements OR hit the lock icon to generate a secure password automatically
    • At least 8 characters
    • Uppercase and lowercase letters
    • Include numbers special characters
  6. Click Update User

Connect to SFTP

After adding an SFTP user, take note of the SFTP Address and Port Number in your User Portal. The SFTP address is different for every environment. This rule excludes Legacy Staging which actually uses the exact same hostname as its live counterpart.

In this example we’ll be using FileZilla, but the fields should be similar in any client. Fill out the following fields then hit Connect.

Host  — SFTP Address

  • When using Quick Connect in FileZilla you will need to specify sftp protocol by also adding sftp:// before the hostname.
  • EX: sftp://environment.sftp.wpestaging.qa

Username  — Username set in the User Portal. Your unique environment name is appended and hyphenated automatically.

  • Ex: environment-someuser

Password — Password exactly as set previously.

  • Pay attention to capital letters, spaces, symbols, etc.
  • If you forgot the password it cannot be viewed again after saving. You must edit the SFTP user to set a new password.

Port — Always set to 2222

  • No other port numbers will work here.

NOTE: You may see a pop up referring to SSH host keys if you’ve never connected before. Accept any warnings to continue.


SFTP Tips

  • Make a backup before editing any site content.
  • Once you are connected to your site, you will see a directory listing of your computer’s contents on the left. Your remote website directory is on the right.
  • Double-click a directory name to expand and view the contents.
  • Drag and drop files between locations or directories.
  • If you are replacing a file be sure to accept any prompts to overwrite the existing file or you will not see your changes.
  • Reset file permissions and purge server caches from the WP Engine plugin after making changes.
  • Location quick reference:
    • Theme files: wp-content/themes/
    • Plugin files: wp-content/plugins/
    • Uploads: wp-content/uploads/
      • Often divided further by year, then month: wp-content/uploads/2019/04
  • Your SFTP host name and user name will both include the environment name at the beginning. This should make verifying that you’re connecting correctly a little easier.

Common Issues

Error: Cannot establish FTP connection to an SFTP server. Please select proper protocol.

  • Ensure you have set your client to connect using SFTP protocol.
  • This may be a dropdown to select SFTP, or you may have to preface your hostname field with sftp://
    • EX: sftp://mysite.wpestaging.qa
  • Ensure you are using the correct port. Only port 2222 is supported.

Error: Authentication failed.

  • The user name or password is wrong.
  • Change your password or try adding a completely new user.

I’m being prompted to update my SSH host keys. I hit “accept”, but still can’t connect.

  • During security updates our server host keys can change. You may need to delete your existing SSH host keys first before new ones can be properly accepted by your SFTP client.

Still unable to connect with SFTP?

  • Restart your FTP client completely
  • Try connecting with a different client
  • Ensure your client is up to date
  • Verify the path you’re connecting to exists as a directory on your website, or reset the path to default completely
  • Create a different SFTP user
  • Try to connect to any other environments on your account with SFTP
  • Contact our Support team

I connected without an error, but my remote directory and file listing is blank.

  • Check the path your user is configured for. Does it exist? Is it spelled right?
  • Is the SFTP user configured for legacy staging? Legacy staging may not exist. Edit the user and set it to Production.

I’m not seeing changes on my site after uploading a file.

  1. Reset file permissions
  2. Purge server caches
  3. Purge local caches

Still not seeing your changes?

  1. If you modified a theme/plugin file, ensure you have the correct theme/plugin name activated
  2. Add a comment to the top of your file and upload it again
  3. Try opening your file in the browser directly- Do you see your comment or code changes?
    1. EX: http://mydomain.com/wp-content/uploads/test.txt
  4. Try uploading a test TXT file to the same directory, then see if you can load that file in your browser directly. Can you view this test file?

If you can see changes in the files when viewed directly but not on the website, it is most likely a caching issue.

  • Try purging local and server caches again
  • You may even need to restart your computer
  • Test again on a mobile device, disconnected from WiFi

If you can’t see any changes when directly viewing files you’ve added, it’s most likely an SFTP connection issue.

  • Check the host name, username, password and port.
  • Verify you’re uploading to the correct directory
  • Confirm the file name spelling and capitalization

Update SFTP Host Keys

If when using your SFTP client on WP Engine, you receive a warning that your “host keys do not match” or “host key changed”, you will need to update host keys stored on your local machine. There are three options to update your host keys.


Update Host Key

Option one in this scenario is to manually update your host key. This method generates the new host key and connects you to your host: environment.sftp.wpestaging.qa. This is the easiest, recommended method. Please keep in mind these steps need to be taken on the local computer where you are experiencing this issue.

Run the following command in a local Mac/Linux Terminal window, where environment is the name of your WP Engine environment:

  1. cd ~/.ssh
  2. ssh-keygen -R environment.sftp.wpestaging.qa:2222

Delete All Host Keys

Option two in this scenario is to delete the host key entry for your host: environment.sftp.wpestaging.qa

Mac/Linux

To delete your local host key, you just need to remove your known_hosts file. Open terminal and run the following commands:

  1. cd ~/.ssh
  2. rm known_hosts

Windows

To update your local host key on a Windows machine, open up PuTTY and perform the following steps:

  1. Open up regedit.exe by doing a search
  2. Navigate to HKEY_CURRENT_USERSoftwareSimonTathamPuTTYSshHostKeys
  3. Delete all keys listed

Update known_hosts File

Similar to removing removing all known hosts in Option two, this option removes just one known host.

The warning message your SFTP client shows will usually list the line in known_hosts that is triggering this message, so be sure to make a note of this.

Mac/Linux

On Mac/Linux you can simply edit the file using vi, which is a text editor. Run the following commands. Be sure to update 100 to the line number your error message displays.

  1. cd ~/.ssh
  2. vi known_hosts +100

Once the file opens to this line:

  1. Type the key d twice to remove the line
  2. Type :x to save.

Windows

On a Windows machine using PuTTY, go to the Registry folder just like in step two. In that directory, a list of hostnames appears. Right click on the environment.sftp.wpestaging.qa one, and then select Delete.


Limitations

We do not support the SFTP ciphers SHA1, aes128-ctr, CBC, RC4, 3DES, MD5, and RIPEMD for security reasons. If your SFTP client uses one of these ciphers, it may not work properly with our platform. We suggest reaching out to your SFTP software maker to get instructions on how to disable these.

WP Engine does not support FXP (File eXchange Protocol) due to its dependency upon FTP (File Transfer Protocol), which is an insecure method of transferring files. WP Engine only supports SFTP (Secure File Transfer Protocol) due to its improved security features.


NEXT STEP: Troubleshooting with the WP Engine error logs

Still need help? Contact support!

We offer support 24 hours a day, 7 days a week, 365 days a year. Log in to your account to get expert one-on-one help.

The best in WordPress hosting.

See why more customers prefer WP Engine over the competition.