Support TLS session resumption
On my FTP server, using explicit FTP over TLS, if the option "Require TLS session resumption on data conection when using PROT P" is enabled, Solid Explorer fails with "There was a problem with SSL communication". If that option is disabled, everything works.
Using FileZilla Server 0.9.59.
Daniel Wells commented
It appears that by not having this option, we may be opening up our server to potential attacks.
This issue is old now, but I believe this should be escalated as a vulnerability, rather than a "feature request" based on popular vote.
"Not requiring session resumption allows session stealing attacks. The problem with FTP is that the data connection does not authenticate the client: Imagine you a want to upload a new version of your website. To initiate the transfer your client sends the PASV command followed by the STOR command. The server opens a port and waits for the client to connect to it and upload the file. Now an attacker comes along and figures out the port the server listens on. He connects to the port before you can and uploads a piece of malware to your website."