Anonymous ftp - should I disable?

BraveX

Well-Known Member
Apr 8, 2005
155
0
166
I was wondering what the point of is anonymous FTP? Is it vulnerable to abuse? Should I set it to "disable" in WHM?

thanks,
BX
 

NightStorm

Well-Known Member
Jul 28, 2003
286
4
168
cPanel Access Level
Root Administrator
Twitter
Anonymous FTP requires a dedicated IP for a site. It would essentially allow users to either upload or download files direct from FTP without needing a username or password. It's locked to the public_ftp folder in the site's root directory, but yes it can be abused if upload is enabled, as users could store essentially anything they want there.
If you have no plan of using it for any of your sites, you may as well disable it in WHM to prevent any future customers from turning it on.
 

chirpy

Well-Known Member
Verifed Vendor
Jun 15, 2002
13,465
30
473
Go on, have a guess
Also, anonymous FTP is open to abuse. The reason being, you're allowing anyone to authenticate against your FTP server and allowing them to perform FTP tasks. Many FTP server vulnerabilities that arise these days require authenticated access to the server and you're handing this to hackers on a plate.