Yes, it can be done, as long as your ISP allows it.
Daniel B., CEO - Bezoka.com and Ungigs.com Hosting Solutions Optimized for: WordPress • Joomla • OpenCart • Moodle Data Centers in: Chicago (US), London (UK), Sydney (AU), Sofia (BG), Pori (FI) Email Daniel directly: ceo [at] bezoka.com
A simple, no-frills approach would be (once you have the server up and running, and networked):
- Open a dyndns.org account (free) which will give you a permanent hostname for people to reach you. Read up on and install a required update-client on your server.
- Install FTP server software that supports auth-TLS on your server, or use SFTP (which uses SSH). With either of these options the login credentials (username/password) are not transmitted in plain text.
- Install a firewall on the server, and restrict access to the IP addresses of the people who you want to connect. If they are on dynamic IPs also, you can restrict access to networks, e.g., 192.168.1.0/24 or 192.168.0.0/16, which is still vastly better than leaving yourself open to the Internet at large.
- Create accounts on your server for your clients.
- Have your clients install a secure FTP program (that supports SFTP or auth-TLS, whichever route you go) on their computers. There are a few free ones, such as CoreFTP.