The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Restricting Users to Home Directories

Discussion in 'General Discussion' started by jlimited, Jun 25, 2004.

  1. jlimited

    jlimited Well-Known Member

    Joined:
    Jun 4, 2004
    Messages:
    69
    Likes Received:
    0
    Trophy Points:
    6
    I am attempting to restricting users to Home Directories, but I the usually place where I would do that is not there.

    Where does Cpanel create all of the virtual hosts at?

    Should it be under:

    httpd.conf
    proftpd.conf

    Thanks
    Travis
     
  2. coastinc

    coastinc Well-Known Member

    Joined:
    Mar 13, 2002
    Messages:
    159
    Likes Received:
    0
    Trophy Points:
    16
    User's are restricted to their home directory....
    If you are referring to SSH access, you can use Jailshell.
     
  3. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    One handy script is:

    /scripts/enablefileprotect

    Which offers some, if marginal, restriction. Of course non of this (including jailshell) has any effect on CGI perl and php scripts which can still view anything that is appropriately readable anywhere on the server.
     
  4. dazerrackers

    dazerrackers Well-Known Member

    Joined:
    Jan 23, 2004
    Messages:
    63
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    England
    Is this restricting them in php? like to only there dir know one else's on the server.
     
  5. Sheldon

    Sheldon Well-Known Member

    Joined:
    Jun 7, 2004
    Messages:
    378
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Canada
    WHM > Server Configuration > Tweak Security > mod_php_openbasedir tweak

    or whatever that is..

    enable that.. DONE

    Sheldon
     
  6. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    True. But you, presumably, won't be getting rid of perl CGI. What these restrictions are for is to stop vulnerable scripts (php) from allowing hackers access to things you don't want them to have. None of these will stop a user with an account from accessing everything that the file/dir permissions allow. Don't get a false sense of security.
     
Loading...

Share This Page