The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Disable FTP access to a single account?

Discussion in 'Security' started by GoWilkes, Sep 2, 2011.

  1. GoWilkes

    GoWilkes Well-Known Member

    Joined:
    Sep 26, 2006
    Messages:
    367
    Likes Received:
    1
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    I have an account that I strictly use for secure files. It's in a separate account (with no domain) mainly so that I can have encrypted files in one account, and decrypt in another; this way, if a hacker gains access to one account, they won't get anything unless they hack the second one, too.

    Is there a way for me to completely disable FTP access to this account, except for root login?
     
  2. alphawolf50

    alphawolf50 Well-Known Member

    Joined:
    Apr 28, 2011
    Messages:
    186
    Likes Received:
    2
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    You could always use SFTP and login as root, then store these files in a place only root can get to (such as /root/). If by chance your FTP client can't do SFTP, give Filezilla a try. Doing it this way, you don't need an extra account... and if the cracker has your root password it won't matter much were you've stored those files ;)

    If you do this, just remember that you are logged in as root, and can still do great damage to your system if you're not careful... so mind the delete key! :)
     
  3. GoWilkes

    GoWilkes Well-Known Member

    Joined:
    Sep 26, 2006
    Messages:
    367
    Likes Received:
    1
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    The files I'm running are a secure checkout, so they need to be accessible from the web; I just don't want the processing code behind it to be accessible.

    Is there a default account that's only accessible by root that I could use, instead? I tried /root/public_html/, but then going to https://server.example.com didn't bring up the page.
     
  4. ModServ

    ModServ Well-Known Member

    Joined:
    Oct 17, 2006
    Messages:
    332
    Likes Received:
    5
    Trophy Points:
    18
    Location:
    Egypt
    cPanel Access Level:
    Root Administrator
    Hello,

    There's a way but not straight forward :D

    Suspend the account, Then remove the .htaccess, Done ;)

    The account password will be locked except for root and the account will remain working like a charm!

    Best regards,
     
  5. GoWilkes

    GoWilkes Well-Known Member

    Joined:
    Sep 26, 2006
    Messages:
    367
    Likes Received:
    1
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Excellent trick! Worked like a charm :) Let's just hope that cPanel doesn't change this in the future, though.
     
  6. ModServ

    ModServ Well-Known Member

    Joined:
    Oct 17, 2006
    Messages:
    332
    Likes Received:
    5
    Trophy Points:
    18
    Location:
    Egypt
    cPanel Access Level:
    Root Administrator
    Let's keep our fingers crossed as I'm using it too :D
     
  7. Bozra Moses

    Bozra Moses Registered

    Joined:
    Jul 4, 2012
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Dar es Salaam, Tanzania, Tanzania
    cPanel Access Level:
    Root Administrator
    I have tried doing that but after removing .htaccess i get the following error when trying to browse that account website ''Failure:- Access denied for user 'account' @'localhost' (Using password:YES)

    below is what i have done :

    1. suspended the account
    2. Removed account's .htaccess

    please confirm if i have done it in a right way?
     
  8. arunsv84

    arunsv84 Well-Known Member

    Joined:
    Oct 20, 2008
    Messages:
    373
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    127.0.0.1
    cPanel Access Level:
    Root Administrator
    Yes, you did that in the correct way. You just need to grant privileges to the database user from Shell. Execute the following command in mysql prompt.

    Code:
    grant all on databasename.* to databaseuser@localhost identified by 'databasepassword';
    Replace the databasename, database user and database password with the required one.

    Done !!!
     
  9. whm-expert

    whm-expert Active Member

    Joined:
    Nov 10, 2012
    Messages:
    40
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    DataCenter Provider
    hello
    just make a new file in etc/ftpuser and add the user name for your account
     
  10. georgeb

    georgeb Well-Known Member

    Joined:
    May 23, 2010
    Messages:
    48
    Likes Received:
    1
    Trophy Points:
    8
    Location:
    Montreal, QC, Canada
    cPanel Access Level:
    Root Administrator
    This is the procedure if the username is "test" /home/test:

    1. go ssh
    2 go to /etc/proftpd (if you have proftpd)
    3. search for a file "test"
    4. rename the file to "test.bak"

    and voila, no more ftp for that account


    Regards,
    George B.
     
Loading...

Share This Page