By default, this should not be allowed. Each FTP user should be "caged" in his own home directory. What is the value of the following directive in /etc/pure-ftpd.conf on your server?
If this is on, each cPanel account user should only be able to traverse that account's home directory when logged in via FTP.
Code:
# Cage in every user in his home directory
ChrootEveryone yesPlease submit a ticket
This should not be happening in a default cPanel configuration of Pure-FTPd. Please submit a ticket so that we may investigate this directly, because what you describe is an unusual situation and should not be happening.
This should not be happening in a default cPanel configuration of Pure-FTPd. Please submit a ticket so that we may investigate this directly, because what you describe is an unusual situation and should not be happening.
... Thanks...Do you mind sharing what you did to solve the problem? Sharing may help other users in the future who may encounter the same issue.
I'm facing same problem, ChrootEveryone yes is set in the pure-ftpd.conf file in the etc folder.. I've been trying to find a solution the last few weeks, then I found this.. with no solution..
I'll make a ticket.
I'll make a ticket.
Please post the ticket number upon submitting one so we can ensure the solution is posted to this thread this time for future reference.
I am having same problem with pure-ftpd
# Cage in every user in his home directory
ChrootEveryone yes
Any way out of this.
# Cage in every user in his home directory
ChrootEveryone yes
Any way out of this.
Are you sure the user is able to view directories outside of their own home directory? For example, what files can they access? Also, are you positive they are using FTP and not SFTP?
Thank you.
Thanks for the prompt response.
They are actually using SFTP with Filezilla and yes I am sure they are.
/etc (with other root folders) and infact able to download but not upload.
What do you say i do?
They are actually using SFTP with Filezilla and yes I am sure they are.
/etc (with other root folders) and infact able to download but not upload.
What do you say i do?
Last edited:
This is normal behavior for SFTP. SFTP uses a shell environment and access is only granted to the cPanel account username. Access to SFTP is not granted to virtual FTP accounts that are created via the "FTP Accounts" option within cPanel. With SFTP, users can browse to higher level directories. However, they are not able to modify or view the contents of any files they do not have access to. This is similar to how jailshell works for SSH access. If you prefer to disable SFTP for the entire server, you can modify the following file:
Within this file, comment out the following line:
Once you save the file, you can restart SSH to ensure the change takes effect.
Thank you.
Code:
# /etc/ssh/sshd_config
Code:
Subsystem sftp /usr/libexec/openssh/sftp-server
Code:
# service sshd restartThanks,
I have to keep SFTP as there are no virtual FTP accounts allowed on the network except for cpanel accounts owners.
I have to keep SFTP as there are no virtual FTP accounts allowed on the network except for cpanel accounts owners.
It's standard to keep SFTP enabled, and the behavior you see is normal and is comparable to jailshell access for SSH.
Thank you.
Thank you.
| Thread starter | Similar threads | Forum | Replies | Date |
|---|---|---|---|---|
|
Restricting file download access | File Management | 1 | |
| N | Restricting FTP to an IP? | File Management | 10 | |
| W | Restricting file size and type? | File Management | 0 | |
| A | Restricting usage for a subdomain / ftp user | File Management | 0 | |
| A | Restricting subdomains / ftp user`s disc usage | File Management | 1 |