Skip to main content

Allowing password protected access to public_ftp directory

Comments

4 comments

  • SamuelM
    Hello @Orerockon, You can absolutely create an FTP account with a unique username and password, and restrict its access to a specific folder. Please refer to the documentation on the following page with instructions for creating FTP accounts in cPanel and configuring the FTP client to connect:
    0
  • Orerockon
    Excellent! I was going to do that but I was afraid to create an account after I read the "your website will break if you screw this up". Also I was unsure if it would restrict access to the initial folder but that appears to work. Is there a chance that access to the root is exploitable once the user logs in?
    0
  • SamuelM
    Hello @Orerockon, FTP user accounts cannot escalate their privileges or switch users, so there would be no worry over exploiting any root-level content on the server. Additionally, the user can only access the home directory that is specified when the account is created and its subdirectories. I hope this clarifies the matter for you. Feel free to let us know if you have any further questions!
    0
  • cPanelLauren
    Also to address:
    I was going to do that but I was afraid to create an account after I read the "your website will break if you screw this up".

    If you add or remove files in your website's directories incorrectly, yes it could break things. The creation of the FTP account though wouldn't do that.
    0

Please sign in to leave a comment.