Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Disable FTP access to a single account?

Discussion in 'Security' started by GoWilkes, Sep 2, 2011.

  1. GoWilkes

    GoWilkes Well-Known Member

    Joined:
    Sep 26, 2006
    Messages:
    406
    Likes Received:
    5
    Trophy Points:
    168
    cPanel Access Level:
    Root Administrator
    I have an account that I strictly use for secure files. It's in a separate account (with no domain) mainly so that I can have encrypted files in one account, and decrypt in another; this way, if a hacker gains access to one account, they won't get anything unless they hack the second one, too.

    Is there a way for me to completely disable FTP access to this account, except for root login?
     
  2. alphawolf50

    alphawolf50 Well-Known Member

    Joined:
    Apr 28, 2011
    Messages:
    186
    Likes Received:
    2
    Trophy Points:
    68
    cPanel Access Level:
    Root Administrator
    You could always use SFTP and login as root, then store these files in a place only root can get to (such as /root/). If by chance your FTP client can't do SFTP, give Filezilla a try. Doing it this way, you don't need an extra account... and if the cracker has your root password it won't matter much were you've stored those files ;)

    If you do this, just remember that you are logged in as root, and can still do great damage to your system if you're not careful... so mind the delete key! :)
     
  3. GoWilkes

    GoWilkes Well-Known Member

    Joined:
    Sep 26, 2006
    Messages:
    406
    Likes Received:
    5
    Trophy Points:
    168
    cPanel Access Level:
    Root Administrator
    The files I'm running are a secure checkout, so they need to be accessible from the web; I just don't want the processing code behind it to be accessible.

    Is there a default account that's only accessible by root that I could use, instead? I tried /root/public_html/, but then going to https://server.example.com didn't bring up the page.
     
  4. ModServ

    ModServ Well-Known Member

    Joined:
    Oct 17, 2006
    Messages:
    332
    Likes Received:
    5
    Trophy Points:
    168
    Location:
    Egypt
    cPanel Access Level:
    Root Administrator
    Hello,

    There's a way but not straight forward :D

    Suspend the account, Then remove the .htaccess, Done ;)

    The account password will be locked except for root and the account will remain working like a charm!

    Best regards,
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. GoWilkes

    GoWilkes Well-Known Member

    Joined:
    Sep 26, 2006
    Messages:
    406
    Likes Received:
    5
    Trophy Points:
    168
    cPanel Access Level:
    Root Administrator
    Excellent trick! Worked like a charm :) Let's just hope that cPanel doesn't change this in the future, though.
     
  6. ModServ

    ModServ Well-Known Member

    Joined:
    Oct 17, 2006
    Messages:
    332
    Likes Received:
    5
    Trophy Points:
    168
    Location:
    Egypt
    cPanel Access Level:
    Root Administrator
    Let's keep our fingers crossed as I'm using it too :D
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. Bozra Moses

    Bozra Moses Registered

    Joined:
    Jul 4, 2012
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Dar es Salaam, Tanzania, Tanzania
    cPanel Access Level:
    Root Administrator
    I have tried doing that but after removing .htaccess i get the following error when trying to browse that account website ''Failure:- Access denied for user 'account' @'localhost' (Using password:YES)

    below is what i have done :

    1. suspended the account
    2. Removed account's .htaccess

    please confirm if i have done it in a right way?
     
  8. arunsv84

    arunsv84 Well-Known Member

    Joined:
    Oct 20, 2008
    Messages:
    373
    Likes Received:
    1
    Trophy Points:
    68
    Location:
    127.0.0.1
    cPanel Access Level:
    Root Administrator
    Yes, you did that in the correct way. You just need to grant privileges to the database user from Shell. Execute the following command in mysql prompt.

    Code:
    grant all on databasename.* to databaseuser@localhost identified by 'databasepassword';
    Replace the databasename, database user and database password with the required one.

    Done !!!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. whm-expert

    whm-expert Active Member

    Joined:
    Nov 10, 2012
    Messages:
    40
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    DataCenter Provider
    hello
    just make a new file in etc/ftpuser and add the user name for your account
     
  10. georgeb

    georgeb Well-Known Member

    Joined:
    May 23, 2010
    Messages:
    49
    Likes Received:
    1
    Trophy Points:
    58
    Location:
    Montreal, QC, Canada
    cPanel Access Level:
    Root Administrator
    This is the procedure if the username is "test" /home/test:

    1. go ssh
    2 go to /etc/proftpd (if you have proftpd)
    3. search for a file "test"
    4. rename the file to "test.bak"

    and voila, no more ftp for that account


    Regards,
    George B.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice