5 Essential FTP Recovery Steps Every Website Owner Must Know When Your Site Goes Down

Why mastering a few FTP moves can save your business — fast

Your website just went down. You feel sick, angry, and helpless. Before you hit panic mode and call every vendor, a simple set of FTP skills can get you back online or at least buy you the time to fix the real problem. This list walks you through five concrete, field-tested FTP actions that solve the most common outages: corrupted files after updates, hacked code, accidental deletions, permission errors, and stalled uploads. Each step includes exact things to check, short commands or client actions to perform, examples of what success looks like, and when to step back and call an expert.

If you already use FTP casually, this guide will raise the level of what you can fix on your own. If FTP feels intimidating, these steps are written so a stressed small business owner, blogger, or freelancer can follow along, triage quickly, and make smart decisions without causing more harm. Expect practical troubleshooting, expert tips that are rarely shared, and a few contrarian ideas that might go against quick-fix advice from a panicked forum. Read this list, act methodically, and you’ll calm the crisis and protect your income stream.

Step 1: Connect safely and confirm the outage isn’t local

When a site appears down, the first instinct is to start changing files immediately. Don’t. Begin by verifying whether the problem is truly server-side. Use a reliable FTP client like FileZilla, WinSCP, or Cyberduck. Try SFTP first - if your host supports it, SFTP provides encryption and often avoids firewall issues common with plain FTP. Enter host, username, password; use port 22 or the port specified by your host. If you cannot connect, test from another network or device to rule out local firewall or ISP blocks.

Once connected, check these quick signals: is the public_html (or www) folder present? Can you list files with no timeout? If directory listing times out or you get permission denied errors, the issue may be account suspension, quota limits, or a server-side outage. Take screenshots of error messages and connection logs; they matter if you escalate to support. A contrarian point: some guides push immediate DNS checks first. DNS can be a factor, but FTP will tell you whether your account and file system are reachable. If FTP works but the site doesn’t, the problem is likely web server configuration rather than file deletion.

Step 2: Identify and isolate suspicious files without overwriting anything

If connection succeeds, don’t jump to replace files. Scan the site from the root of your web folder for recently modified timestamps and files you don’t recognize. Sort directory listings by modified date; on most clients you can click the Modified column. Malware and rogue scripts often appear as PHP files with random names, unusual timestamps, or extra characters appended to legitimate filenames. Back up the entire site folder to your local machine before touching anything. Use your FTP client to download rather than delete.

Next, create a quarantine folder on the server (for example, /quarantine-YYYYMMDD). Move suspicious files into that folder rather than deleting them. Why? Immediate deletion can break links or remove forensic evidence needed by security pros. A contrarian view: some security articles advise deleting suspicious files immediately. That can remove the active threat fast, but it also removes context and makes recovery harder if you later discover the file was benign. Moving to quarantine preserves a reversible state and stops execution as long as your server no longer serves those files via URL - you may need to adjust .htaccess to deny access to the folder.
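The Step 2 scan can also be run over the downloaded backup. The script below is an added example, not part of the original article; it assumes your FTP client preserved server timestamps on download, and the directory names and the "random-looking" pattern are illustrative heuristics to tune for your site.

```python
import re
import time
from pathlib import Path

PHP_EXT = {".php", ".phtml", ".php5"}
# Assumption: directories that normally hold media or cache data, not code.
UPLOAD_DIRS = {"uploads", "cache", "tmp"}
# Heuristic for random-looking names: 8+ letters and digits, with both present.
RANDOM_NAME = re.compile(r"^(?=.*\d)(?=.*[a-z])[a-z0-9]{8,}$", re.I)


def triage(backup_root, days=7, now=None):
    """Return sorted (relative_path, [reasons]) pairs for files worth a closer look."""
    root = Path(backup_root)
    cutoff = (time.time() if now is None else now) - days * 86400
    findings = []
    for path in root.rglob("*"):
        if not path.is_file():
            continue
        rel = path.relative_to(root)
        reasons = []
        if path.stat().st_mtime >= cutoff:
            reasons.append(f"modified in the last {days} days")
        if path.suffix.lower() in PHP_EXT:
            if any(part.lower() in UPLOAD_DIRS for part in rel.parts[:-1]):
                reasons.append("PHP file inside an upload or cache directory")
            if RANDOM_NAME.match(path.stem):
                reasons.append("random-looking PHP filename")
        if reasons:
            findings.append((rel.as_posix(), reasons))
    return sorted(findings)


if __name__ == "__main__":
    import sys
    # Usage: python triage.py /path/to/downloaded/backup
    for rel_path, why in triage(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{rel_path}: {'; '.join(why)}")
```

A hit is a reason to inspect a file, not proof that it is malicious; a recent legitimate update will also show up as recently modified.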

Step 3: Restore a known good copy using FTP and test incrementally

When corruption or bad updates brought the site down, restoring a clean backup is often the fastest route. If your host offers automated backups, use FTP to upload the backup files to a temporary folder, then swap them in place. If you have a local copy, upload it via FTP in binary mode for non-text files and ASCII for text files if your client still asks. Modern clients auto-handle this, but check file integrity by comparing sizes and timestamps. After restoring, clear any server-side cache and reload your site in a private browser window to avoid cached error pages.

Test one component at a time. For WordPress sites, restore wp-config.php, then wp-content/plugins, then themes. Activate the site with a static index.html if PHP runtime is causing errors, so visitors see a friendly maintenance page while you confirm full functionality. Contrarian insight: some professionals avoid full restores and instead patch only problematic files to keep customizations intact. That works if you can isolate the bad change, but a full restore is faster and reduces the chance of missing a hidden backdoor. Keep a copy of the broken state; it may contain clues an automated scanner will miss.

Step 4: Fix permissions, ownership, and .htaccess issues that silently break sites

File permissions frequently block PHP from running or cause 500 errors without obvious signs. Using FTP, you can check permissions (shown as numeric codes like 644 or 755 in clients). Standard permission setup: directories 755, files 644, and config files like wp-config.php set to 600 or 640 for added security. If permissions are too loose, a host security policy might block execution. If you find 777 anywhere, change it immediately to a safer value and test again. Many FTP clients let you recursively set permissions; use that with caution and avoid touching permissions on entire server trees without understanding implications.
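To check a whole directory against those targets at once, the added example below (not from the original article) parses Unix-style FTP LIST lines, which can be collected with ftplib's `FTP.retrlines("LIST", lines.append)`, and reports entries that deviate from 755/644/600-640. The sample listing is constructed, and the config-file set is an assumption to extend for your CMS.

```python
import re

# Targets from the text: directories 755, files 644, config files 600 or 640.
CONFIG_FILES = {"wp-config.php"}  # assumption: extend for your own CMS
# type, permissions, links, owner, group, size, month, day, time-or-year, name
LIST_LINE = re.compile(
    r"^([dl-])([rwxsStT-]{9})\s+\d+\s+\S+\s+\S+\s+\d+\s+\S+\s+\S+\s+\S+\s+(.+)$")

# Constructed sample of what a Unix-style FTP server returns for LIST.
SAMPLE_LISTING = """\
drwxr-xr-x   5 site site   4096 Mar 02 10:15 wp-content
drwxrwxrwx   2 site site   4096 Mar 09 03:41 uploads
-rw-r--r--   1 site site    405 Jan 11 2023 index.php
-rw-r--r--   1 site site   3012 Jan 11 2023 wp-config.php
-rwxrwxrwx   1 site site   1180 Mar 09 03:40 cache.php
-rw-r--r--   1 site site    220 Feb 01 09:00 .htaccess
""".splitlines()


def mode_to_octal(perm):
    """Convert 'rwxr-xr-x' to 0o755; '-', 'S' and 'T' mean the bit is not set."""
    mode = 0
    for i, ch in enumerate(perm):
        if ch not in "-ST":
            mode |= 1 << (8 - i)
    return mode


def audit_listing(lines):
    """Return (name, found, expected, note) for each entry that deviates from the targets."""
    issues = []
    for line in lines:
        m = LIST_LINE.match(line.strip())
        if not m:
            continue  # "total N" lines or non-Unix listing formats
        kind, perm, name = m.groups()
        if kind == "l" or name in (".", ".."):
            continue
        mode = mode_to_octal(perm)
        if kind == "d":
            allowed = {0o755}
        elif name in CONFIG_FILES:
            allowed = {0o600, 0o640}
        else:
            allowed = {0o644}
        if mode not in allowed:
            note = "world-writable" if mode & 0o002 else "differs from target"
            expected = "/".join(f"{a:03o}" for a in sorted(allowed))
            issues.append((name, f"{mode:03o}", expected, note))
    return issues
```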

Ownership is another invisible problem. If files are owned by a different user - often after a server migration - PHP may not access them even with correct permissions. FTP can’t change ownership unless it supports SSH-based commands. If you suspect ownership issues, generate an error log or contact host support asking them to adjust chown. Also examine .htaccess for redirect loops, deny rules, or malformed syntax that results in 500 errors. A quick trick: rename .htaccess to .htaccess.bak and reload the site - if it comes back, the issue lives in that file. The contrarian view here: some operators replace .htaccess wholesale with a default one from the CMS. That restores functionality quickly but can remove critical custom rules; keep a backup copy before overwriting.

Step 5: Harden access and plan for prevention - credentials, SFTP, and least privilege

After a recovery, the most important work starts: preventing recurrence. Change all passwords that could access the site - FTP/SFTP, control panel, database user, CMS admin. Use long, unique passwords and enable two-factor authentication where possible. Move away from plain FTP to SFTP or SSH where your host allows it. If SFTP isn’t available, ask your host to enable it or transfer to a host that supports secure protocols. Create separate, limited FTP accounts for designers or freelancers with access only to specified subfolders rather than your entire site.

Lock down the server by restricting access by IP for admin pages, using .htaccess rules or host control panel tools. Limit file upload permissions for plugins and add monitoring: configure file change notifications so you get alerts when core folders change unexpectedly. Contrarian advice: some will tell you to install dozens of security plugins. That may help, but each plugin is another codebase with potential vulnerabilities. Pick a small set of reputable tools and keep them updated. Bake a backup strategy into your routine - automated daily backups kept for at least 14-30 days, with offsite copies. Regularly test restores via FTP so a backup is not just theoretical.
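One way to implement both the file change alerts described here and the post-restore integrity check from Step 3, as an added example that is not part of the original article. It goes beyond comparing sizes by hashing each file, so a same-size modification is still caught; it assumes you run it against a local copy of the site, and the function names are illustrative.

```python
import hashlib
import json
from pathlib import Path


def build_manifest(root):
    """Map each file's relative path to [size, sha256] for everything under root."""
    root = Path(root)
    manifest = {}
    for path in sorted(root.rglob("*")):
        if path.is_file():
            digest = hashlib.sha256()
            with path.open("rb") as fh:
                for chunk in iter(lambda: fh.read(65536), b""):
                    digest.update(chunk)
            rel = path.relative_to(root).as_posix()
            manifest[rel] = [path.stat().st_size, digest.hexdigest()]
    return manifest


def save_manifest(manifest, file_path):
    """Store the baseline as JSON; keep it somewhere other than the web server."""
    Path(file_path).write_text(json.dumps(manifest, indent=1, sort_keys=True))


def load_manifest(file_path):
    return json.loads(Path(file_path).read_text())


def diff_manifests(baseline, current):
    """Report what was added, removed or changed since the baseline was taken."""
    common = set(baseline) & set(current)
    changed = sorted(p for p in common if baseline[p] != current[p])
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "changed": changed,
        # Changes that a size-only comparison would not notice.
        "changed_same_size": [p for p in changed if baseline[p][0] == current[p][0]],
    }
```

Take the baseline right after a verified clean restore, then rebuild and diff on a schedule; any entry under "added" or "changed" in a core folder that you did not make yourself deserves a look.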

Your 30-Day Action Plan: Restore quickly and build resilience with FTP as your tool

Day 1 - Stabilize: Use steps 1-3 to confirm the outage, quarantine suspicious files, and restore a clean backup. Put up a maintenance.html page to protect your brand while you work. Record all actions and take screenshots of errors and file listings.

Days 2-3 - Repair and verify: Fix permissions and .htaccess issues. Run a security scan from both server-side tools and external scanners. If you find backdoors, move all suspicious files to quarantine and consult a security expert if malware persists. Test site functionality across several pages and devices. If your site is e-commerce, check checkout and payment flows specifically.

Days 4-7 - Lock down access: Rotate all credentials. Create SFTP accounts for human users and disable anonymous or plain FTP access. Limit admin panel access by IP or require two-factor authentication. Reduce plugin count and update all core software. Schedule automated backups and verify restore by performing an FTP-based restore test on a staging folder.

Weeks 2-4 - Monitor and refine: Set up file integrity monitoring and weekly site scans. Review server logs via your host or ask for logs showing suspicious accesses. If you rely on contractors, give them minimal access and revoke it when the job ends. Create a one-page recovery checklist that includes FTP connection details, backup locations, and emergency contact info for your host.

This plan assumes you start with basic FTP skills and a calm approach. If any step feels beyond your comfort level - such as editing low-level server configuration or cleaning persistent malware - pause and call a qualified security professional. The fastest way to get back online may be to restore a verified backup and then work from a private staging site while you clean the compromised environment. FTP is a powerful recovery tool, but it is one part of a wider strategy that includes secure credentials, backups, and ongoing monitoring. Follow these steps and you will not only recover faster but reduce the chance you face the same crisis again.