Cannot disbale FTP in WHM

[mealto]

We have disbaled FTP inside WHM but we can still FTP in. Server company had to edit other files to disable FTP. Why is this?

[cPanelDavidG]

Quote:

Originally Posted by mealto

We have disbaled FTP inside WHM but we can still FTP in. Server company had to edit other files to disable FTP. Why is this?

How did you disable FTP in WHM? Was it via Service Manager or via FTP Server Selection or by some other method?

[Spiral]

Quote:

Originally Posted by mealto

We have disbaled FTP inside WHM but we can still FTP in. Server company had to edit other files to disable FTP. Why is this?

You can turn off monitoring for FTP inside WHM ...

You can restart the FTP server inside WHM ....

You can change the FTP server software in WHM ....

... but there is no way that I know of to disable FTP from inside WHM
so I think you are a little bit confused because WHM does not provide
any option for disabling, turning off, or otherwise removing the FTP server.

For something like that, you would have to do that from the SSH shell
although that would be extremely unwise to do that.

FTP is a main primary service and you don't know what scripts or processes
being used on your server may need direct FTP access. While not necessarily
"stupid" like disabling the SSH server would be, disabling FTP would generally
not be advised unless you have some major reason in doing so. Plus, if you
disable the FTP server, you'll make it a lot more difficult to manage the
hosting accounts deployed on your server since the web based File Manager
is reasonable to manage a few files but doesn't even come close to FTP when
talking about handling large numbers or sizes of files.

This leaves the obvious question ...

Why do you want to disable the FTP server?

[cPanelDavidG]

Quote:

Originally Posted by Spiral

... but there is no way that I know of to disable FTP from inside WHM ...

The method I would use is to go to WHM -> Service Configuration -> FTP Server Selection, for FTP Server select "Disabled."

[Spiral]

Quote:

Originally Posted by cPanelDavidG

The method I would use is to go to WHM -> Service Configuration -> FTP Server Selection, for FTP Server select "Disabled."

Let me be more precise, disable and shut it down from WHM.

(Anyway I can do that in a heartbeat from shell so it's a moot issue anyway)

The bigger point is that I wouldn't want to in the first place!

I don't recommend anyone disable the FTP server unless they have
a really big reason in doing so because that is a core service and
really limits you a lot if it is removed from the system.

We have recently seen a rise in people wanting to turn off the FTP server
but I think this is from a misconceived idea that there is a FTP vulnerability
that doesn't actually exist prompted from the recent China syndicate iframe
hacks where the hackers are actually keylogging and stealing login information
from the hosting client's home computers and then using that information
to login to the client's hosting and bank accounts. These people need to
know that there is no vulnerability in the FTP server and removing FTP is
not going to do them any good whatsoever.

[mealto]

Quote:

Originally Posted by cPanelDavidG

The method I would use is to go to WHM -> Service Configuration -> FTP Server Selection, for FTP Server select "Disabled."

Thanks David. We have passed this on to the server management company. Previously, they had mentioned they need to edit conf.sim and chkconfig as well to fully disable FTP? Is that so?

Add-on: Spiral, we are moving away from FTP and using SFTP only. Server is for internal use only so SFTP is the way for us to go.

[cPanelDavidG]

Quote:

Originally Posted by mealto

Thanks David. We have passed this on to the server management company. Previously, they had mentioned they need to edit conf.sim and chkconfig as well to fully disable FTP? Is that so?

Add-on: Spiral, we are moving away from FTP and using SFTP only. Server is for internal use only so SFTP is the way for us to go.

System Integrity Monitor (SIM) is not something cPanel uses, as it uses chkservd instead. In fact, if you ran SIM and chkservd, the two services could clash when a service went offline.

chkconfig is a system-level method for disabling or enabling services rather than using cPanel/WHM's mechanisms.

[mealto]

Right, it looks like there is a clash. Hence, all the emails coming in saying FTP could not be restarted. Hence, why the server management company had to tweak other files on top of WHM to fully disable FTP and notices. Hope this helps others.