Limit ftp access to one root folder, Linux shared server.

My business partner and myself are establishing a membership site where we will be giving/selling access to downloadable files.  These files must be stored in a "Download" folder in the root, behind public_html for security reasons.

The site is on my server and I need to give my partner ftp access in order to upload and manage the files in this one folder.

My business partner is very new to working with servers and I don't want any changes being made to any other folder then just the Download folder I'm giving access to.

How do I limit my business partner's access to only ftp to the one root folder?

This is on a Linux shared server.
Who is Participating?

Improve company productivity with a Business Account.Sign Up

trishahdeeConnect With a Mentor Author Commented:
Sry it's taken me so long to get back to this.  Had hd pbms that are fixed now.  So here is what happened...  LunarPages tech support sent me the following information about setting up a symlink that worked.  Basically I created a folder in the public_html directory whose only purpose is to link back behind the public_html folder to where the Downloads folder is.  The ftp acct is set up to the symlink folder and it works perfect.  Here are the instructions:


If you would like to setup an FTP account that loads to the 'Downloads' folder on your account behind your public_html folder, you would need to setup a symlink in the public_html folder on your account that links back to the 'Downloads' folder. To do this, you can simply create a plain-text file on your account and name it 'symlink.php', then add the following to the file:

$target = '/home/acctname/Downloads';
$link = '/home/acctname/public_html/yourfoldername';

symlink($target, $link);

The "=====" should not be copied into the file; only the text between them. You would also need to replace 'acctname' with your account name and replace 'yourfoldername' in the above $link with the name of the folder (which will actually be a symlink linking back to the 'Downloads' folder) you wish to use in the public_html folder for this content.

Once you have uploaded the above content in file file named 'symlink.php' to the public_html folder on your account, you would need to run the file using the link . This will create the link from '/public_html/yourfoldername' to the 'Downloads' folder. After the file has been successfully run, you can remove it from your account.

You would then need to setup the FTP account by going to cPanel > FTP Manager > FTP Accounts > then clicking 'Add FTP Account'. What you enter as the Directory should be the same as the 'yourfoldername' used in the above symlink creation PHP script.


Thank you to everyone who tried to help.
make this dir his login dir, and if you are using vsftpd then look at this link
trishahdeeAuthor Commented:
I don't know what vsftpd  is.  Is this something I can do from cpanel or is there something in the root that I am looking for?  I am on server, if that helps.
vsftpd is "very secure ftp daemon" that comes with linux servers and very good as ftp server.
trishahdeeAuthor Commented:
I talked to tech support at LunarPages and this is their reply:

        We use pure-ftpd for our FTP server.

        What you are wanting is not possible on our shared servers.

        You can set up an FTP user, but the folder that they can access will need to be below your
        /public_html folder.

So my next question is, is there a way to use .htaccess to limit my business partners ftp access from root folder Downloads to public_html?
.htaccess is used by apache, nothing to see with ftp server.
and you download folder should not be in the web server directory tree but outside that tree. and you should have a php script to stream the file to the client who want to download it, the only secure way, otherwise people can try to guess filenames at the root level and download everything they guess.
Monis MontherSystem ArchitectCommented:
To jail users in there home dir in pure-ftpd

start the ftp service with -a and -A option

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.