The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Avoiding deletion of skeleton files

Discussion in 'Security' started by petaglx, Jul 18, 2012.

  1. petaglx

    petaglx Member

    Joined:
    Aug 3, 2011
    Messages:
    16
    Likes Received:
    0
    Trophy Points:
    1
    Hello Experts,

    Is it possible to configure cpanel somehow to prevent users from deleting vital files and folderd on their host?
     
  2. NetMantis

    NetMantis BANNED

    Joined:
    Apr 22, 2012
    Messages:
    117
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    Utah
    cPanel Access Level:
    DataCenter Provider
    I take it you've run into that unfortunately not so rare but infectious creature that is called a "stupid user"? :)

    (IE: those who have a troubling habit of deleting everything but the files they should be messing with!)

    Unfortunately no --- not really any particularly easy way of doing what you ask.

    You could "chattr +i" certain files but if you made a habit of doing that across accounts, that could be very messy, hard to track, and in the case of some files and folders especially with system areas like mail, you'd actually break the accounts doing that so the use of "chattr +i" would really be limited and generally not recommended.

    Unfortunately, the very best solution and only real practical viable solution is keep good backups. Make sure your server is configured to keep decent daily, weekly, and monthly backups and preferably an extra backup on a remote location. That way if a user's brain falls out suddenly and goes "splat" all over the keyboard as so often that seems to happen ( :) ), you'll at least be able to quickly repair the account without having to do a whole lot of manual work.

    If the user loses up to 24 hours to the last most recent backup, well maybe that'll be a lesson to teach them to be a bit more careful with what they are doing for next time --- at least they wouldn't lose anything longer time than that!
     
    #2 NetMantis, Jul 18, 2012
    Last edited: Jul 18, 2012
  3. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,471
    Likes Received:
    199
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Assuming by your post "vital" you mean error pages, .htaccess, robots.txt, default favicon, the sort of file one might like to add to all new accounts to prevent error logs from filling up with garbage created by these missing default files, what I do is add a txt file as well (with a good title to get them to read it) and try and educate the new user on first login when they see these files, what they are for, how to replace them, and why you should always make sure they are here. They want to be able to use error logs but don't need to see many lines of missing 404 error pages or favicons.

    I also explain this to every new account when I send them the account details explaining login via FTP and file management.

    When I see them in my logs any more, I just replace them when I see them missing. Sometimes a new user forgets things, breaks things and looks for the delete button and wipes it all, happens. Not that often that its trouble though.

    Semi related, there's a Feature Request for having skel files copied to addon and sub domains:
    [Case 48382] skeleton directory for addon and sub domains
     
  4. JeffP.

    JeffP. Well-Known Member

    Joined:
    Sep 28, 2010
    Messages:
    164
    Likes Received:
    9
    Trophy Points:
    18
    That is bad advice. A terminated account that had immutable files won't be entirely removed from the box, amongst other potential complications.
     

Share This Page