Per-account ability to deny all forms of file management access [Case 45952]
Hello,
When creating a new account through whm, a new user and password will be created to use to login to control panel and FTP to entire account.
How to prevent users can access through FTP? I am a web designer that all I need is offer access to cpanel only, blocking totally access through ftp. It's possible?
Regards
Allowing cPanel access but not allowing FTP access for specific accounts is not functionality natively offered by cPanel/WHM. As a result, such a thing would need to be done manually.Originally Posted by darjohn
Hello,
When creating a new account through whm, a new user and password will be created to use to login to control panel and FTP to entire account.
How to prevent users can access through FTP? I am a web designer that all I need is offer access to cpanel only, blocking totally access through ftp. It's possible?
Regards
Some have disabled the FTP service alltogether in the past to completely disable FTP accounts.
I remember a recent forum thread where someone was attempting to manually modify configuration files to dis-allow specific users. However, I don't readily recall if they were successful with that.
Keep in mind, if you disable FTP access, your cPanel user will still have access to the files via File Manager, Legacy File Manager (both can be disabled via Feature Manager) and Webdisk (DAV protocol).
Hello, can you tell me how to prohibit ftp access for specific account?
Thank you
FTP and Webdisk will always be enabled for all cPanel accounts. At this time, there is no functionality in either the cPanel or WHM interfaces for disabling individual accounts' FTP and Webdisk access without also disabling the cPanel account as well.
Our company too has expressed the need for disabling ftp on specific accounts.
There indeed seems no obvious way to disable ftp for specific accounts.
We have however found that the /etc/proftpd/ seems to contain a list of ftp accounts for specific users.
Perhaps removing/altering these userfiles will temporarily disable ftp on this account (that is until you change settings on this account which result into getting the password reset).
Perhaps in the near future
This can be done. see http://forums.cpanel.net/f5/new-acco...tml#post532009
cPanel account without access to files
Is it possible to create a cPanel account for a client, which does not have access to the hosted files? It should allow the client to play with emails, domain names and stuff like that, but not have access to ftp, file manager and other similar features.
If its not, then I'll be forced not to give the client access to cPanel at all, but I'll have to create each email account for him by hand.
Any help would be appreciated.
Thank you.
CODE IS POETRY
I support this idea 100%. IMHO it should be possible to have ftp access disabled by default for all new hosting accounts, and then to be able to selecting turn it back on per hosting account, as/where needed.Hello,
When creating a new account through whm, a new user and password will be created to use to login to control panel and FTP to entire account.
How to prevent users can access through FTP? I am a web designer that all I need is offer access to cpanel only, blocking totally access through ftp. It's possible?
Regards
Reading around these forums it seems like there are manual ways to achieve this by editing config files, but this is not a user-friendly solution. This issue is becoming a business imperative for us.
Here's hoping the cPanel guys can make this happen in the not too distant future.
Thx.
- Web Design Perth .:. Itomic Business Website Solutions of Perth, Western Australia
fyi: this issue is discussed here:
http://forums.cpanel.net/f5/cpanel-a...ss-106449.html
and here:
http://forums.cpanel.net/f5/new-acco...ss-120465.html
This is starting to become a huge issue for us, with (for example) clients who have cpanel access, and therefore can "have a go" at tweaking the code of their sites, either via file manager and/or an ftp client, without a) telling us or b) really know what they're going. So down the track we're working on the site and inadvertently overwrite their changes, which of course causes more problems.
So as a matter of urgency we need to see cPanel access and ftp access as two very different things. So leave ftp access as it is, then offer a cut down version of cPanel to only include those features/functions that don't allow changes to be made to the live site (code or databases).
- Web Design Perth .:. Itomic Business Website Solutions of Perth, Western Australia
That is exactly what we need!
CODE IS POETRY
I'm searching for the same solution without manual interaction.
It's a good thing if the new account is created with a package including 0 ftp logins and no ftp related features.
Also because I doubt that resellers can do something to avoid this problem (manually change the password to the ftp account?).
Ability to deny ftp access on a per-account basis
This issue has been discussed here:
http://forums.cpanel.net/f5/cpanel-a...ss-106449.html
and here:
http://forums.cpanel.net/f5/cpanel-a...es-153749.html
Bottom line: it's fast becoming a business imperative for us that we're able to turn off ftp access to some of the sites we host, including all methods of being able to change files such as cPanel's File Manager.
This is NOT us being "control freaks". As designers and developers of most of the sites we host, we are responsible custodians (on behalf of our valued clients) over that code. If they wish to dabble with the code themselves - that's fine, we'll grant them access - but only after they've signed a form that says that they understand what they're doing and accept that we'll charge them to fix up anything they break. Plus there's the issue of multiple developers potentially/accidentally over-writing each others code when lots of people have ftp access.
Thanks for your consideration.
- Web Design Perth .:. Itomic Business Website Solutions of Perth, Western Australia
While there isn't an interface to do this in whm, it is really easy to disable ftp per user using ssh. Just create a file called /etc/ftpusers and list the usernames that you want to disable. This is assuming that you are using pure-ftpd.
Thanks for your feedback.
We'll take that suggestion on board. Of course the ideal solution remains a checkbox within the WHM interface that achieves this - including removing/disabling of related cPanel tools such as File Manager.
My experience over the years with cPanel/WHM has been that when you do a "custom tweak" then you remain vulnerable to the tweak being undone sometime in the future without you knowing about it, e.g. because WHM is auto-repairing itself and/or a future upgrade undoes or negates it.
- Web Design Perth .:. Itomic Business Website Solutions of Perth, Western Australia
Been able to restrict ftp access to clients via WHM is an important one.
As part of a web-development organisation we are responsible for the code, so for a client to be denied access to ftp with one hand, only for them to be able to access it via a back door is a bad thing.
There can be too much time wasted arguing with a client about who broke the code if they have any ability to access ftp (no matter how obscure the route taken to get there).
I don't have an answer - but I do have a need.
LinkBack URL
About LinkBacks
Reply With Quote