Documentation forServ-U MFT & Serv-U FTP Server

Serv-U glossary

Administration privilege

Serv-U provides four levels of administration privilege:

  • No Privilege: a regular user account that can only log in to transfer files to and from the File Server. The Serv-U Management Console is not available.
  • Group Administrator: can perform administrative duties relating to the primary group to which they belong. They can add, edit, and delete users which are members of their primary group, and they can also assign permissions at or below the level of the Group Administrator. The primary group is that listed first in their Groups memberships list.
  • Domain Administrator: can perform administrative duties for the domain to which their account belongs, except configuring their domain listeners, configuring or administering LDAP groups, and configuring ODBC database access for the domain.
  • Service Administrator: can perform any file server administration activity including creating and deleting domains, user accounts, or even updating the license of the file server. A user account with System Administrator privileges that is logged in through HTTP remote administration can administer the server as if they had physical access to the server.

You can also create read-only group, domain and system administrator accounts which can allow administrators to log in and view configuration options. Read-only administrator privileges are identical to their full-access equivalents, except that they cannot change any settings or create, delete or edit user accounts.


A Serv-U File Server feature that allows administrators to block IP addresses who attempt to connect repeatedly with incorrect credentials. By handling only IP addresses who repeatedly fail to log on correctly, anti-hammering allows for smart blocking of bots and hackers.

Bounce attack A method of exploiting the FTP where an FTP client instructs the FTP server to make an outbound data connection to a different IP address, rather than the client's IP address.
Directory access rules Directory access encompasses all of the permissions applied to a server, domain, group, and user that grant and deny access to files and folders. Directory access rules are the foundation of file access rights, because they determine what a user can or cannot access, and how they can access it.
Event A Serv-U File Server event primarily consists of an event type (for example, User Login or File Upload Failed), and an action type (for example, Show Balloon Tip or Send Email). Serv-U File Server events are used to automate behavior and to provide greater visibility of important file transfer processes.
FTP The standard network protocol used for transferring computer files between a client and server over the internet.
FTPS This is a more secure extension to the commonly used File Transfer Protocol that adds encryption using the Transport Layer Security (TLS).
Gateway The optional Serv-U Gateway allows you to safely accept incoming connections in the DMZ, and provides deeper protection for file transfers on secure networks. It safely handles traffic that should not be directly passed from the Internet to secure internal systems.
Group A collection of user accounts that share certain attributes. A user can be a member of multiple groups.
Home directory The home directory for a Serv-U user account is where the user is placed immediately after logging in to the file server. Home directories must be specified using a full path including the drive letter or the UNC share name.
HTTP The Hypertext Transfer Protocol (HTTP) is a request–response protocol in the client–server computing model.
HTTPS This is a more secure extension to the HTTP that adds encryption using the Transport Layer Security (TLS).

IP access rules

IP access rules are used in Serv-U File Server to determine who can connect to the server. Rules set up at the server and domain levels define who is allowed to make an initial connection to Serv-U File Server. Rules set up at the group and user levels define who can connect using a given user account.


A configuration option that can be set at the server, domain, group, or user level. Limits can be set for password complexity requirements, session timeout, Web Client customization, and more.


A listening service in Serv-U File Server that is configured in a domain to accept incoming FTP, FTPS, SFTP, HTTP or HTTPS connections.
PASV This is the command that the FTP client uses to tell to the server it's in passive mode. Passive FTP is a preferred FTP mode for FTP clients behind a firewall.
Server Identity A unique "secret object" used to securely encrypt data. For a server with multiple instances, this is exported from the host machine and imported to the other instances. (Serv-U 15.3.2 and later)


Secure Shell (SSH) is a cryptographic protocol for operating securely over an unsecured network. It provides a secure channel connecting an SSH client application with an SSH server.

SSH keys

SSH keys are an access credential used in the SSH protocol. SSH keys always come in pairs, made up of a private key and a public key.
TLS Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security to FTP and HTTP.
Virtual Hosts Virtual hosts are used to access a specific domain when listeners are shared by multiple domains.
Virtual Paths Virtual paths are used to link a physical path outside a user's home directory into the directory listings received by that user.