How can I make FTP accounts that are not Public?

[Lagman]

I've been trying to figure this out for a while but can't find anything like this in the forum yet.

I want to create ftp accounts for users which are exclusive to them.
In other words, I want to create an ftp account that makes their home directory a fairly protected space that no one else can see.
The problem I'm having is that when you create an ftp account through cpanel, it does exactly what it says but places the new user's home directory in /home/accountname/public_html/ftpusername/
This means that the directory is wide open to the public! Anyone who browses to domainname.com/ftpusername/ will see all the files they've got in their FTP home dir.

I've tried the simlink idea but the simlink also works for the web browser so even the the physical file is elsewhere, it's still browsable anonymously via http

Anyone have any ideas on how to make an ftp account that is just an ftp account and not exposed to the public via www.domain.com/ftpuser/ ?

Thanks.

[sawbuck]

One simple solution is to add a blank index file to the ftp directory.

[sawbuck]

Something else had forgotten about. You can chmod the permissions to 700 which should throw a 403 error when accessing via http but still allow ftp logins.

[webignition]

Or you could pop a .htaccess file in the FTP user's home directory with a rule to restrict access to all files:

Code:

<Files ~ "*">
    Deny from all
</Files>

The above is just a guess, based on a current rule I have to block access to 'header.php' for a site:

Code:

<Files ~ "^header\.php$">
    Deny from all
</Files>

[Lagman]

Thanks.
Both the chmod and the .htaccess file worked. Well caused apache to throw an error but would not let the contents of the ftp user directory be seen. (I haven't tried the other suggestions yet.)

It's a shame that we don't have a more robust way to setup real ftp user accounts that are not subdirectories of ../public_html/ through cpanel though.