Separate FTP account for client - home directory?

[markus909]

I think the question I have is simple, so I try to avoid telling the entire big story at first, but still give enough context.

I am using reseller hosting so that I am able to not just offer website development but also hosting for my clients only.
Creating a new cPanel user for my client in their cPanel account raises some questions.

At first, I want to give them only an FTP account so that they could access the entire home directory.
When I just create a new user, it'll by default get its own home directory. I can change it and set it to root (home directory of the cPanel account).
But how would quota impact this, e.g. I give them only small quota as it is only an additional account to the main cPanel account? And what happens when I delete the FTP user? I know when deleting the user, usually you are asked if the home directory should be deleted as well. So I wonder if I need to be super careful when I am for whatever reason just delete their FTP user. Would this also delete the entire website directory?

OR is this just not the way how to do it at all with cPanel when I want to give the client FTP access?

I do plan to hand over cPanel access as well (later). But I prefer to wait with this, as it's either all or nothing with cPanel. The Manage Team feature is not yet fully out there and that could still take a while. I would feel comfortable handing over the cPanel user when I am able to set some permissions with Manage Team so that the client cannot see EVERYTHING and even delete the backups or do other harmful things.

 

[ResellerWiz]

Why not just create an additional FTP account in cPanel specifically for the client?

 

[markus909]

Why not just create an additional FTP account in cPanel specifically for the client?

I think that is exactly what I am trying to do. Create a separate FTP account in cPanel for the client.
But if you don't change the home directory it would be just an empty / new home directory. I tried to change the home directory and it works, but I try to understand those risks as well (e.g. when deleting the FTP user). I also try to understand what's best practice for this

 

[ResellerWiz]

I think that is exactly what I am trying to do. Create a separate FTP account in cPanel for the client.
But if you don't change the home directory it would be just an empty / new home directory. I tried to change the home directory and it works, but I try to understand those risks as well (e.g. when deleting the FTP user). I also try to understand what's best practice for this

Deleting the FTP user doesn’t delete the data in the folder they were assigned, so no need to worry about that.

 

[markus909]

From what I remember from the last time I tried you get a big warning, something like "the home directory of the user gets deleted".
If I create a new FTP user and manually assign the root of the cPanel account as the home directory ... it's difficult to click that button "delete user" at some later time, when it tells you that the home directory gets deleted. I can try later to make a screenshot. It's not something I need actually. It's something I must understand now thought, to never get into that situation.

Do you know what's the recommended approach in general when it comes to giving access to clients as a reseller (not using WHMCS, just WHM to offer separate cPanel accounts for client projects).

I am a sole proprietor. I think it's my responsibility to give the client enough access (bus factor). If I do that, I also easier get the client to host with me and not their cheap shared hosting. But the factor that they have either no access or full access stops me. Therefore I try to split it up to get a better picture of it:
1. FTP access
2. cPanel access / perhaps some reduced cPanel access instead of full access (not possible as of now)

 

[ResellerWiz]

I would just give them access to cPanel. Do you not trust them with having access to cPanel?

If that is the case, you may want to warn the client about making changes, etc. and how it can break their account and/or cause data loss prior to providing access.

 

[markus909]

I am new to cPanel. So I don't know the ins and outs yet, therefore I am careful with it. Another reason is that I think it's good when troubleshooting to perhaps see who did something in logs, etc. - if we share the same user to access cPanel and FTP this won't be possible in any way

So I am on the fence weather I give them all access or find a better solution.
I am also still very surprised that this big cPanel does not provide a solution for this, and that cPanel user sharing is still necessary.

I know many agencies don't give access at all to the client (not Admin in WordPress, no FTP, no cPanel or other management panel, no domain registrar).
As I run everything by myself I can't do that and don't want to do that. It is too much of a risk for the client, I would not feel good about it. But giving out EVERYTHING (cPanel account) is also not making me feel any better just yet

 

[ResellerWiz]

I am new to cPanel. So I don't know the ins and outs yet, therefore I am careful with it. Another reason is that I think it's good when troubleshooting to perhaps see who did something in logs, etc. - if we share the same user to access cPanel and FTP this won't be possible in any way

So I am on the fence weather I give them all access or find a better solution.
I am also still very surprised that this big cPanel does not provide a solution for this, and that cPanel user sharing is still necessary.

I know many agencies don't give access at all to the client (not Admin in WordPress, no FTP, no cPanel or other management panel, no domain registrar).
As I run everything by myself I can't do that and don't want to do that. It is too much of a risk for the client, I would not feel good about it. But giving out EVERYTHING (cPanel account) is also not making me feel any better just yet

There is a hidden/system file in the root of the home directory named ”.lastlogin” that gives the IP address and timestamp of the logins to the cPanel account, so that can give you an idea of who was logged in when something occurs.

 

[markus909]

Thanks that can help ... I still hope for the development of the Team Manager, I think that will be of great help for many to handle access

 

[cPRex]

It will be fully supported in 112, depending on your license type - Manage Team Roadmap | cPanel & WHM Documentation

 

[ResellerWiz]

It will be fully supported in 112, depending on your license type - Manage Team Roadmap | cPanel & WHM Documentation

Glad this is finally coming to fruition. It has been a highly requested feature for quite some time.

 

[markus909]

It will be fully supported in 112, depending on your license type - Manage Team Roadmap | cPanel & WHM Documentation

Wow, I just checked this should be actually quite soon - around April 2023

Product Versions and the Release Process | cPanel & WHM Documentation

This document explains the cPanel & WHM version system and release process.

docs.cpanel.net

I hope my hosting company won't need too long to update

 

[cPRex]

112 is in Edge right now if you wanted to check it out on a test machine!

 

[markus909]

Not 100% sure what Edge is, but sounds like a Release Candidate. I am only the user of a reseller account, so for now I probably won't be able to invest time in the actual setup of a test environment, to learn about setting up WHM and CP somehow on localhost. Thanks for pointing it out though