The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Anonymous ftp - should I disable?

Discussion in 'General Discussion' started by BraveX, Sep 8, 2006.

  1. BraveX

    BraveX Well-Known Member

    Joined:
    Apr 8, 2005
    Messages:
    155
    Likes Received:
    0
    Trophy Points:
    16
    I was wondering what the point of is anonymous FTP? Is it vulnerable to abuse? Should I set it to "disable" in WHM?

    thanks,
    BX
     
  2. NightStorm

    NightStorm Well-Known Member

    Joined:
    Jul 28, 2003
    Messages:
    286
    Likes Received:
    4
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Twitter:
    Anonymous FTP requires a dedicated IP for a site. It would essentially allow users to either upload or download files direct from FTP without needing a username or password. It's locked to the public_ftp folder in the site's root directory, but yes it can be abused if upload is enabled, as users could store essentially anything they want there.
    If you have no plan of using it for any of your sites, you may as well disable it in WHM to prevent any future customers from turning it on.
     
  3. BraveX

    BraveX Well-Known Member

    Joined:
    Apr 8, 2005
    Messages:
    155
    Likes Received:
    0
    Trophy Points:
    16
    Thanks for the response, Nightstorm.

    BX
     
  4. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Also, anonymous FTP is open to abuse. The reason being, you're allowing anyone to authenticate against your FTP server and allowing them to perform FTP tasks. Many FTP server vulnerabilities that arise these days require authenticated access to the server and you're handing this to hackers on a plate.
     
Loading...

Share This Page