FTPS (FTP over SSL)
What is Port 990?
Port 990 is the default port for FTPS (FTP over implicit SSL/TLS), which provides encrypted file transfers using the FTP protocol wrapped in TLS. Unlike explicit FTPS which uses STARTTLS on port 21 to upgrade a plaintext connection, implicit FTPS on port 990 requires TLS from the very beginning of the connection. When a client connects to port 990, it must immediately begin the TLS handshake before any FTP commands are exchanged. FTPS was one of the first approaches to securing FTP and is defined in RFC 4217. While SFTP (which runs over SSH on port 22) has become more popular due to its simpler firewall requirements, FTPS remains widely used in industries that require FTP compatibility with encryption, such as healthcare (HIPAA) and finance (PCI DSS).
Common Uses
- Encrypted file transfers for compliance (HIPAA, PCI)
- Secure FTP access for web hosting management
- EDI (Electronic Data Interchange) file transfers
- Legacy system secure file exchange
Technical Details
Copy-paste commands to check port 990 (FTPS (FTP over SSL)) from your terminal
Test connectivity
nc -zv example.com 990
curl -v --max-time 5 http://example.com:990/
telnet example.com 990
nmap -p 990 -sV example.com
(echo > /dev/tcp/example.com/990) 2>/dev/null && echo "open" || echo "closed"
Open port in firewall
sudo ufw allow 990/tcp
sudo iptables -A INPUT -p tcp --dport 990 -j ACCEPT
sudo firewall-cmd --permanent --add-port=990/tcp && sudo firewall-cmd --reload
Security Considerations
FTPS provides strong encryption but the dual-port nature of FTP (control + data channels) complicates firewall configuration and NAT traversal. Passive mode is required for most firewall configurations. Ensure strong TLS versions (1.2+) and cipher suites. Require client certificate authentication for sensitive environments. Consider SFTP as a simpler alternative with equivalent security.
Popular Ports Reference
The most commonly used and referenced network ports