The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How to protect system files and directories on FTP, SFTP and File Manager access

Discussion in 'Security' started by joomla, Aug 12, 2014.

  1. joomla

    joomla Well-Known Member

    Joined:
    Jul 23, 2014
    Messages:
    48
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    Hello,

    I allowed SFTP login to my clients on shared web server, whereas they have FTP login and cPanel File Manager access.

    What I need to do is, to hide system files/directories from cpanel users, or to forbid any changes on system files/directories - when cpanel users login via FTP, SFTP or File Manager. In order to allow them to use files and directories that they own, and to protect server files/directories from being changed by other users than root.

    cPanel 11.44, Apache 2.4, CentOS 6.5

    Any help?

    Many thanks in advance! :confused:
     
  2. ThinIce

    ThinIce Well-Known Member

    Joined:
    Apr 27, 2006
    Messages:
    346
    Likes Received:
    7
    Trophy Points:
    18
    Location:
    Disillusioned in England
    cPanel Access Level:
    Root Administrator
    Could you tell us a little more about how you've configured your system? Ultimately the directories / files a user can access through SFTP is governed by the standard linux permissions model.

    The exception of course is if you've enabled VirtFS (Jailed Shell) https://documentation.cpanel.net/pages/viewpage.action?pageId=365540 or installed third party software such as cloudlinux - what are your users shells set to currently under "manage shell access" in whm?
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
  4. joomla

    joomla Well-Known Member

    Joined:
    Jul 23, 2014
    Messages:
    48
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    Thanks for all replies. Do I need to disable user shell access on shared server according to security reasons?
     
  5. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    You could enabled jailed shell if you are not comfortable granting full shell access. It's documented here:

    Jailed Shell

    Thank you.
     
Loading...

Share This Page