Allowing Customer Access

grayloon · Sep 25, 2013

We build sites and host them on our own cloud servers running cPanel. We've been doing this for a few years. We're getting more and more customers asking for full access to their site via FTP or SSH, and we're concerned about the security implications. Right now, we try to lock FTP access to a single directory - not the whole public_html. And, we never allow SSH access. We're running PHP 5.3 without suEXEC, suPHP, Suhosin, mod_security, or Ruid2. Is there a "best practice" guide to secure this type of "open" server?

cPanelMichael · Sep 25, 2013

Hello

You may want to check out the cPanel security adviser plugin if you are looking for a way to see what options you should enable on your system to increase security:

[11.38] Open source cPanel Security Advisor Addon

Thank you.

grayloon · Oct 1, 2013

I'm going to turn on jailed shell for all users and switch to ruid2. Solid plan to lock down customer access? Any permissions issues or anything I should be aware of when using ruid2?

cPanelMichael · Oct 1, 2013

Yes, the following document contains information you should know before enabling Mod_Ruid2:

ModRuid2 - cPanel

Thank you.

Thread starter	Similar threads	Forum	Replies	Date
	Allowing HTTP methods PATCH and DELETE in modsecurity	Security	3	Apr 3, 2023
M	Allowing execution for some files while denying others using htaccess	Security	1	Mar 24, 2023
O	Allowing password protected access to public_ftp directory	Security	4	Dec 29, 2019
F	Allowing cPanel updates with port 80 blocked	Security	2	Jan 12, 2015
M	Disallowing root access	Security	20	Sep 25, 2014

Search

Search

Allowing Customer Access

grayloon

Well-Known Member

cPanelMichael

Administrator

grayloon

Well-Known Member

cPanelMichael

Administrator