If using WordPress hosting or you upload any PHP files or anything else relating to the admin back-end, the PHP files include server-side code that you do not want to make public, as it could provide useful information to someone wanting to attack your server.

Also by using FTP someone could alter the content being transferred in transit, so even if it is all public domain, it could arrive on your server with unwanted payloads and you would never know for sure.

Also by using SFTP, you have more chance of verifying the server's identity, that the one you are sending to is authentically the same one as when you setup the connection (via the host key), which in a way is a point of HTTPS as much as for the encryption in transit.

Sometimes when maintaining a CMS you may need to download or restore a database backup (or SQL dump) that was saved locally into the hosting file system by the server. This will also be highly sensitive data.

Edited by prlzx (Fri 07-Jun-24 00:58:12)

The flip side is that one customer can’t use up all the resources, giving a better service to the majority, I can see why they do it.

However, we use a company called guru.co.uk, they have been going for 20+ years with the same owners, I honestly can’t fault them. They also include allot of extras, that would usually be charged for, like offsite backups.

100GB of storage, 1TB of transfer, accelerated Wordpress, £8.99 month.

Thanks, I might just look at them. Trying to transfer a couple of files ~60Mb each and GoDaddy's ftp is running about 50K bits/s. I've had to set the fileZilla timeout off as even with a 2min timeout it is failing part way through the transfer. And of course tech support is out to lunch too.

Avoid GoDaddy, their service is complete rubbish.