Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Restrict access to all files outside public_html

Discussion in 'Security' started by GKey, Jan 10, 2018.

  1. GKey

    GKey Member

    Joined:
    Mar 21, 2007
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    151
    We have several accounts that need to upgrade their websites and as a result access needs to be given to web developers.

    As a security precaution, we would like to restrict access for the said web developers to public_html folder only. (Primary concern is that they shall not have access to Mail folders)

    Although we can restrict access through ftp to public_html, any PHP script uploaded to public_html has access to all files within the account, including mail. So Mail can be read and even deleted through PHP script execution.

    Could someone advice if such a restriction is possible and how can it be achieved ?
    Thank you in advance.
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    41,516
    Likes Received:
    1,616
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Can you provide more information or steps we can take to reproduce a PHP script under the public_html directory reading contents from the account's mail directory? Does the issue persist after enabling the PHP open_basedir tweak referenced on the URL below?

    PHP Security Concepts - cPanel Knowledge Base - cPanel Documentation

    Thank you.
     
Loading...

Share This Page