Subdomain visible to other accounts

brayne

• August 27, 2017 21:53

Hi there, one of my customers created a subdomain for their account, and placed it inside their home directory. Within that directory, they created a subdirectory called "clientfiles". After uploading a few files to this location via FTP, it was then discovered that these files were accessible via some of my other customers' websites, with completely separate cPanel accounts on the same server. So, the files were placed at: I don't know how this was even possible. Can someone explain why this would happen, and how I prevent this from happening? Thanks in advance, Bruce

• 

  brayne

  • August 28, 2017 10:07

  Sorry, I need to add a note to this. It turns out, that the files can only be viewed if using an https:// prefix. So, the files were placed at: https://seconddomain.com/clientfiles/ Bur there is no certificate installed for has one of those annoying self-signed certificates that seem to get created whether you want them or not. If I delete this certificate, the problem goes away. Thanks, Bruce

  0
• 

  cPanelMichael

  • August 28, 2017 18:06

  Hello, This is answered on the following section of our SSL FAQ document:

  0

Please sign in to leave a comment.