MagicWP Docs

SFTP

Connect to your site's files over SFTP

Every MagicWP site has secure SFTP access to its files — themes, plugins, uploads, and wp-config.php. It's password-based over SSH, so any standard SFTP client or the sftp command works.

Find your credentials in the dashboard: your site → SFTP.

Connection details

The SFTP page shows everything you need. Copy each value from there:

SettingValue
ProtocolSFTP (SSH File Transfer)
Hostyour site's domain, e.g. yourdomain.com
Port2222
Usernameshown on the SFTP page
Passwordshown on the SFTP page (click the eye to reveal)

The port is 2222, not 22

MagicWP serves SFTP on port 2222. Connecting on the default port 22 will fail — always set the port explicitly in your client or command.

Connect from the terminal

sftp -P 2222 [email protected]

Replace USERNAME and the domain with your own values (the page shows a ready-to-copy version of this command). You'll be prompted for the password after you run it. Once connected, use ls, cd, get, and put to move files.

Connect with an SFTP client

Any SFTP client works — FileZilla, Cyberduck, WinSCP, Transmit — on Windows, macOS, or Linux. Create a new connection with:

  • Protocol: SFTP / SSH File Transfer Protocol
  • Host: your domain
  • Port: 2222
  • Logon type: Normal (username + password)
  • User and Password: from the SFTP page

Save it, connect, and you'll land in your site's files.

Change your password

The dashboard always shows your current password, so there's no "forgot password" — just set a new one:

  1. On the SFTP page, click Change Password.
  2. Type a new password, or click Generate for a strong random one.
  3. Click Update Password.

Passwords must be 8–64 characters and include an uppercase letter, a lowercase letter, and a number. 12+ characters is recommended. The change applies immediately — update your saved client connection with the new password.

Where your files are

Once connected you'll see your WordPress install. The paths you'll use most:

PathContents
wp-content/themes/Your themes
wp-content/plugins/Your plugins
wp-content/uploads/Media library files
wp-config.phpSite configuration

Back up before editing core files

Editing WordPress core, active theme, or plugin files over SFTP can take your site down if something breaks. Take a backup first, and avoid changing files in wp-includes/ or a plugin's own folder unless you know what you're doing.

Security tips

  • Never share your SFTP credentials.
  • Use a strong password (12+ characters — mix upper/lowercase, numbers, symbols).
  • Change the password immediately if you suspect it's been exposed.
  • Verify the host key fingerprint the first time you connect.
  • Always back up before editing files directly.

On this page