FTP is obsolete.
In the early days of the web, we used to say, “the web is not just HTTP — FTP and Gopher are part of the WWW just as well.” Well, not anymore. Gopher has served its purpose and is gone. But FTP — decomposing and smelly as it is — is getting dragged out of its grave, like a scary Halloween prop, again and again.
Here is a short FAQ:
Q What is the most portable way to distribute files to people?
A HTTP. A modern server like Apache works well, but other options also exist. Anyone who is not living under a rock has an HTTP client.
Q What is the most portable way to distribute files to people, why allowing mass-mirroring?
A HTTP. A modern server like Apache will respond, by default, for queries to foo/ with an HTML page with a list of links. Crawlers know how to use that list of links to get more files. Just make sure to tell the crawler “only under /where-ever-the-top-is/”.
Q What is the fastest way to distribute files to people/machines?
A HTTP, at least for sufficiently large files (>5KB). The HTTP header is negligible, HTTP supports resume/suspend and after a short header, everything that follows is the unadorned file.
Q How can I distribute files to authenticated users?
A HTTP. It supports several authentication mechanisms, but you probably want to use BasicAuth. Here is a short tutorial on how to set up Apache for authenticated downloads. (The summary: create an passwd file, set an authentication directive in the configuration). It takes about 5 minutes to set up. If you want only people who know the password, not people with sniffers, you might want to consider HTTPS. Luckily, setting that up in Apache is an extra line in the configuration file.
Q So, when should I use FTP?
A If you have reason to suspect that the other side of the connection is using a machine that has not been upgraded since 1991.
Q Any other reason?
A Sure, when…wait, no, that’s pretty much it. In any other case, use HTTP.