Deny Permission to delete/edit files like .htaccess?

BG06

Member
Oct 20, 2006
11
0
151
Is it possible to deny access for files like .htaccess or even certain .php files for cPanel users?

I don't want some accounts to have the permission to change .htaccess or remove some files in their public_html folder.
 

ninja_byte

Member
May 6, 2004
13
0
151
What kinds of files within their public_html folder?
If you have specific rules that you don't want them to change within their .htaccess, define them within the apache configuration file(s), or place a .htaccess directly in /home (note, the latter option might cause load increase).

If you want to disable user-land .htaccess files, you can do this in the apache configuration files as well.

I guess a better question is: What are you trying to accomplish? What's the situation that caused this question to come up..?
 

BG06

Member
Oct 20, 2006
11
0
151
I added this into the .htaccess of some users and now I don't want them to remove or alter the file. As I cannot move the ad.php to another directory above the users because open_basedir is enabled I'd like to protect this one too.

Putting the .htacess into /home would cause every user to apply this file, right? But as I don't want every user to have this forced ads this is not a solution for me.
 

BG06

Member
Oct 20, 2006
11
0
151
Is it possible to have the owner of these files changed automatically on account creation?
 

ujr

Well-Known Member
Mar 19, 2004
290
0
166
you could try putting them in the in the accounts skeleton directory and chowning them to root:root
 

BG06

Member
Oct 20, 2006
11
0
151
chattr: Inappropriate ioctl for device while reading flags on /root/cpanel3-skel/public_html/.htaccess

Thats not gonna work. :(


you could try putting them in the in the accounts skeleton directory and chowning them to root:root
I tried that but the user still can edit everything.
 
Last edited:

Spiral

BANNED
Jun 24, 2005
2,020
8
193
Instead of putting commands in .htaccess that you don't want the user to change,
put them in the VirtualHost section of /etc/httpd/conf/httpd.conf for the site(s)
you want those commands added.

If you are trying to do this for all sites, you could use a <Location /> section
before the VirtualHosts sections and put your command in that and whatever
you do would be globally applied to all sites.

Side perk on either method placing commands in Apache's config file is that you
don't have to worry about OpenBaseDir anymore because commands put into
the Apache configuration itself are not subject to any of that.


.
 
Last edited: