The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Allowing Customer Access

Discussion in 'Security' started by grayloon, Sep 25, 2013.

  1. grayloon

    grayloon Well-Known Member

    Joined:
    Oct 31, 2007
    Messages:
    98
    Likes Received:
    2
    Trophy Points:
    8
    Location:
    Evansville, IN
    cPanel Access Level:
    Root Administrator
    Twitter:
    We build sites and host them on our own cloud servers running cPanel. We've been doing this for a few years. We're getting more and more customers asking for full access to their site via FTP or SSH, and we're concerned about the security implications. Right now, we try to lock FTP access to a single directory - not the whole public_html. And, we never allow SSH access. We're running PHP 5.3 without suEXEC, suPHP, Suhosin, mod_security, or Ruid2. Is there a "best practice" guide to secure this type of "open" server?
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
  3. grayloon

    grayloon Well-Known Member

    Joined:
    Oct 31, 2007
    Messages:
    98
    Likes Received:
    2
    Trophy Points:
    8
    Location:
    Evansville, IN
    cPanel Access Level:
    Root Administrator
    Twitter:
    I'm going to turn on jailed shell for all users and switch to ruid2. Solid plan to lock down customer access? Any permissions issues or anything I should be aware of when using ruid2?
     
    #3 grayloon, Oct 1, 2013
    Last edited: Oct 1, 2013
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
Loading...

Share This Page