Deny Permission to delete/edit files like .htaccess?

**BG06** · 10-26-2006 01:56 PM

Is it possible to deny access for files like .htaccess or even certain .php files for cPanel users?

I don't want some accounts to have the permission to change .htaccess or remove some files in their public_html folder.

**ninja_byte** · 10-26-2006 06:45 PM

What kinds of files within their public_html folder?
If you have specific rules that you don't want them to change within their .htaccess, define them within the apache configuration file(s), or place a .htaccess directly in /home (note, the latter option might cause load increase).

If you want to disable user-land .htaccess files, you can do this in the apache configuration files as well.

I guess a better question is: What are you trying to accomplish? What's the situation that caused this question to come up..?

**BG06** · 10-27-2006 07:19 AM

I added this into the .htaccess of some users and now I don't want them to remove or alter the file. As I cannot move the ad.php to another directory above the users because open_basedir is enabled I'd like to protect this one too.

Putting the .htacess into /home would cause every user to apply this file, right? But as I don't want every user to have this forced ads this is not a solution for me.

**mambovince** · 10-27-2006 08:27 AM

What about using chown so as these files are owned by root, hence user cannot modify?

- Vince

**BG06** · 10-27-2006 08:56 AM

Is it possible to have the owner of these files changed automatically on account creation?

**ujr** · 10-27-2006 09:55 AM

you could try putting them in the in the accounts skeleton directory and chowning them to root:root

**yapluka** · 10-27-2006 12:56 PM

chattr +i /path/to/.htaccess will make the file non modifiable

**BG06** · 10-28-2006 08:33 AM

chattr: Inappropriate ioctl for device while reading flags on /root/cpanel3-skel/public_html/.htaccess

Thats not gonna work.

Originally Posted by ujr

you could try putting them in the in the accounts skeleton directory and chowning them to root:root

I tried that but the user still can edit everything.

**yapluka** · 10-28-2006 11:06 AM

You would need to chattr +i once the .htaccess is in place in your customer account.

**BG06** · 10-28-2006 11:51 AM

It doesn't matter where the file is I always get the same output.

**BG06** · 11-13-2006 06:05 PM

I still couldn't find a solution for the permissions

**Spiral** · 11-14-2006 10:25 AM

Instead of putting commands in .htaccess that you don't want the user to change,
put them in the VirtualHost section of /etc/httpd/conf/httpd.conf for the site(s)
you want those commands added.

If you are trying to do this for all sites, you could use a <Location /> section
before the VirtualHosts sections and put your command in that and whatever
you do would be globally applied to all sites.

Side perk on either method placing commands in Apache's config file is that you
don't have to worry about OpenBaseDir anymore because commands put into
the Apache configuration itself are not subject to any of that.

.

LinkBack

Thread Tools

Deny Permission to delete/edit files like .htaccess?

CSf Firewall: Edit csf.deny, the IP address deny file (Currently:1000 permanent IP b

CSf Firewall: Edit csf.deny, the IP address deny file (Currently:1000 permanent IP b

Error while trying to delete/edit files

Cannot delete/edit/move/rename files in cPanel

how to edit or delete .htaccess?