Mirror download setup questions

I'm new to most cPanel functions, and I have what are likely quite basic questions. I don't even know if I can ask them properly, so I hope you'll bear with me.

According to the general server info relected on the main panel, I'm using cPanel version 11.25.0-RELEASE.

I've received a request to set up a mirror download of a game by an independent developer. I've created an FTP account, access to which requires both a user name and password. However, this is perhaps not the best way to handle this sort of thing.

The developer wants access without a password. I could find no way to do this and I'm thinking it might not be possible with a dedicated FTP account. I've looked for information in the cPanel documentation, help files and these forums and have found nothing.

I thought maybe anonymous FTP would be the way to go, but I've been unable to locate any specifics regarding setting this up. I've seen it mentioned that permissions should be used in conjunction with anonymous FTP, but I haven't been able to find anything about how to do this.

The documentation mentions a page that defines "how anonymous users interact with your FTP server" and says "Using the checkboxes, anonymous users can be denied or allowed access to your FTP server for downloading or uploading content." Despite considerable searching, I've been unable to locate such a page.

The documentation goes on to say "It is recommended that anonymous users be barred from uploading files to your FTP server because this allows anyone to upload malicious software to your website." Again, I've been unable to locate information on how this is accomplished.

About the only thing I know for sure is that the anonymous directory is public_ftp/. At least, that's what the documentation says. Beyond this, I'm at a loss.

I'm also concerned about possible risks associated with anonymous FTP, but aside from the aforementioned uploading of malicious software, I've found nothing.

So here is what I'm hoping someone will be able to help me with:

Is a dedicated FTP account the best way to handle a mirror download?

Is it possible to set up a dedicated FTP account that isn't password-protected? If so, what are the risks?

If this is not possible, would anonymous FTP be the way to go?

What risks does anonymous FTP carry, and are there ways to protect against them?

Is there anything else I should know about what I'm trying to accomplish?

I'd sure appreciate it if I could get some help with this. I've been at it for two days now and I've made no progress, the developer is waiting, and I feel like an idiot. Thank you!

 

Thanks so much for your informative reply. This may seem silly, but how do I access the WHM Interface?

I'm not the person who set up WHM/cPanel originally, and the one who did is no longer involved. Unfortunately, he left me no info concerning WHM, and no one at my end knows anything about it. Thanks...

 

Okay, thanks.

Unfortunately, both links you provided yield messages that "This connection is untrusted" (Firefox) and "There is a problem with this website's security certificate" (IE).

I suppose this means there's a problem at my end. I'll try to contact my notoriously unresponsive web host and ask what the deal is.

Thanks again for all your help.

 

Many thanks, Miraenda! I try to err on the side of caution when it comes to such warnings, so I'm grateful for the info.

Unfortunately, the password I use to sign into cPanel, which is the only password I have, doesn't work. So I've just sent another email to my web host in hopes that I will eventually get a response.

Again, I appreciate the assistance you've given me.