FTP account or restrict a folder from files being deleted or uploaded?

KimberH

Active Member
Dec 29, 2013
40
6
58
cPanel Access Level
Website Owner
Hi, my goal is restrict ftp users so they can download but can't upload or delete files. I worry setting that up will stop my file transfer plugin.

What happens is files are uploaded to WordPress media library and are auto transferred to a cPanel program folder.

Code:
$destinationDirectory = "/home/sitename/programs";

function custom_26026551_upload($upload, $context) {
    global $destinationDirectory, $watchedFilenames;
    $filename = basename($upload["file"]);

    if(strlen($filename) - strpos(strtolower($filename), ".mp3") == 4) copy($upload["file"], $destinationDirectory . "/" . $filename);
    return $upload;
}
add_filter("wp_handle_upload", "custom_26026551_upload", 10, 2);
Plugin credit URI: https://alcos.dev/p/26026551

Then our ftp users can download the files from the program folder. Somehow I need to find another way to do this or restrict this folder from people uploading and deleting files.

I didn't original set this up but it's what I have to work with. Any thoughts on how to restrict this folder?

Thank you for your time
Kim
 

cPanelAnthony

Administrator
Staff member
Oct 18, 2021
1,045
112
118
Houston, TX
cPanel Access Level
Root Administrator
Hello! Why not just password protect the directory behind a username/login and then have it be accessible via a web browser? Users could then access the file list and download from the browser.

 

KimberH

Active Member
Dec 29, 2013
40
6
58
cPanel Access Level
Website Owner
Hello! Why not just password protect the directory behind a username/login and then have it be accessible via a web browser? Users could then access the file list and download from the browser.

Because these are radio stations downloading news program mp3 files which happens all day long. They use ftp software to download the program and automatically set up the news program to air at the correct time. They won't pay for the news programs if they can't auto set up in their ftp. With the bigger radio stations this is not an issue but there always someone who clicks the wrong button. Plus it really not secure. I need to either secure the ftp folder or find a new method of allow clients to ftp files out.

But thanks