Hello:
I saw after migrating/importing sites from Ensim to cPanel that WHM dumbed a number of user folders in the Web root of imported Web sites.
The user folders seem to correspond to the various users that exist on every site, that is, they have the names that correspond to user usernames used for their emails. In fact, inside of these folders, I see subfolders with the names "mail", spamassassin, and various other user files.
My questions are:
1) Is this not s security risk, since the presence of these folders in the root area basically allows anyone to guess the username of users and therefore spam them?
In Ensim, the usernames are hidden outside of the web root, therefore ensuring minimal security.
2) Is there a way to delete these user folders from the Web site roots without killing user emails?
3) Can Cpanel/WHM be made not to create user folders with user usernames in the root of Web sites?
4) last but not least, one other thing that I do not like in the CPanel configuration is the use of usernames in script paths. In Ensim, usernames were always hidden from public view, so that the paths for jailed sites were something like this /var/www/html, whereas the paths for non-jailed sites where an anonymous /home/virtual/domain.com/var/www/html.
I thought this was an excellent idea. How can I reproduce something close to this in the WHM/Cpanel system?
Thanks.
I saw after migrating/importing sites from Ensim to cPanel that WHM dumbed a number of user folders in the Web root of imported Web sites.
The user folders seem to correspond to the various users that exist on every site, that is, they have the names that correspond to user usernames used for their emails. In fact, inside of these folders, I see subfolders with the names "mail", spamassassin, and various other user files.
My questions are:
1) Is this not s security risk, since the presence of these folders in the root area basically allows anyone to guess the username of users and therefore spam them?
In Ensim, the usernames are hidden outside of the web root, therefore ensuring minimal security.
2) Is there a way to delete these user folders from the Web site roots without killing user emails?
3) Can Cpanel/WHM be made not to create user folders with user usernames in the root of Web sites?
4) last but not least, one other thing that I do not like in the CPanel configuration is the use of usernames in script paths. In Ensim, usernames were always hidden from public view, so that the paths for jailed sites were something like this /var/www/html, whereas the paths for non-jailed sites where an anonymous /home/virtual/domain.com/var/www/html.
I thought this was an excellent idea. How can I reproduce something close to this in the WHM/Cpanel system?
Thanks.