The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How can I make FTP accounts that are not Public?

Discussion in 'General Discussion' started by Lagman, Sep 30, 2006.

  1. Lagman

    Lagman Registered

    Joined:
    May 13, 2006
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    I've been trying to figure this out for a while but can't find anything like this in the forum yet.

    I want to create ftp accounts for users which are exclusive to them.
    In other words, I want to create an ftp account that makes their home directory a fairly protected space that no one else can see.
    The problem I'm having is that when you create an ftp account through cpanel, it does exactly what it says but places the new user's home directory in /home/accountname/public_html/ftpusername/
    This means that the directory is wide open to the public! Anyone who browses to domainname.com/ftpusername/ will see all the files they've got in their FTP home dir.

    I've tried the simlink idea but the simlink also works for the web browser so even the the physical file is elsewhere, it's still browsable anonymously via http

    Anyone have any ideas on how to make an ftp account that is just an ftp account and not exposed to the public via www.domain.com/ftpuser/ ?

    Thanks.
     
  2. sawbuck

    sawbuck Well-Known Member

    Joined:
    Jan 18, 2004
    Messages:
    1,367
    Likes Received:
    5
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    One simple solution is to add a blank index file to the ftp directory.
     
  3. sawbuck

    sawbuck Well-Known Member

    Joined:
    Jan 18, 2004
    Messages:
    1,367
    Likes Received:
    5
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    Something else had forgotten about. You can chmod the permissions to 700 which should throw a 403 error when accessing via http but still allow ftp logins.
     
  4. webignition

    webignition Well-Known Member

    Joined:
    Jan 22, 2005
    Messages:
    1,880
    Likes Received:
    0
    Trophy Points:
    36
    Or you could pop a .htaccess file in the FTP user's home directory with a rule to restrict access to all files:

    Code:
    <Files ~ "*">
        Deny from all
    </Files>
    The above is just a guess, based on a current rule I have to block access to 'header.php' for a site:

    Code:
    <Files ~ "^header\.php$">
        Deny from all
    </Files>
     
  5. Lagman

    Lagman Registered

    Joined:
    May 13, 2006
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Thanks.
    Both the chmod and the .htaccess file worked. Well caused apache to throw an error but would not let the contents of the ftp user directory be seen. (I haven't tried the other suggestions yet.)

    It's a shame that we don't have a more robust way to setup real ftp user accounts that are not subdirectories of ../public_html/ through cpanel though.
     
Loading...

Share This Page