Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Limit ftp access to one root folder, Linux shared server.

Posted on 2009-05-16
7
Medium Priority
?
1,210 Views
Last Modified: 2017-08-30
BACKGROUND
My business partner and myself are establishing a membership site where we will be giving/selling access to downloadable files.  These files must be stored in a "Download" folder in the root, behind public_html for security reasons.

The site is on my server and I need to give my partner ftp access in order to upload and manage the files in this one folder.

PROBLEM
My business partner is very new to working with servers and I don't want any changes being made to any other folder then just the Download folder I'm giving access to.

QUESTION
How do I limit my business partner's access to only ftp to the one root folder?

This is on a Linux shared server.
0
Comment
Question by:trishahdee
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 40

Expert Comment

by:omarfarid
ID: 24402950
make this dir his login dir, and if you are using vsftpd then look at this link

http://www.experts-exchange.com/OS/Linux/Q_23155804.html?cid=236#a20875109
0
 

Author Comment

by:trishahdee
ID: 24403055
I don't know what vsftpd  is.  Is this something I can do from cpanel or is there something in the root that I am looking for?  I am on LunarPages.com server, if that helps.
0
 
LVL 40

Expert Comment

by:omarfarid
ID: 24403602
vsftpd is "very secure ftp daemon" that comes with linux servers and very good as ftp server.
0
Looking for a new Web Host?

Lunarpages' assortment of hosting products and solutions ensure a perfect fit for anyone looking to get their vision or products to market. Our award winning customer support and 30-day money back guarantee show the pride we take in being the industry's premier MSP.

 

Author Comment

by:trishahdee
ID: 24403800
I talked to tech support at LunarPages and this is their reply:

        We use pure-ftpd for our FTP server.

        What you are wanting is not possible on our shared servers.

        You can set up an FTP user, but the folder that they can access will need to be below your
        /public_html folder.

So my next question is, is there a way to use .htaccess to limit my business partners ftp access from root folder Downloads to public_html?
0
 
LVL 28

Expert Comment

by:lesouef
ID: 24405312
.htaccess is used by apache, nothing to see with ftp server.
and you download folder should not be in the web server directory tree but outside that tree. and you should have a php script to stream the file to the client who want to download it, the only secure way, otherwise people can try to guess filenames at the root level and download everything they guess.
0
 
LVL 14

Expert Comment

by:Monis Monther
ID: 24406129
To jail users in there home dir in pure-ftpd

start the ftp service with -a and -A option

0
 

Accepted Solution

by:
trishahdee earned 0 total points
ID: 24513712
Sry it's taken me so long to get back to this.  Had hd pbms that are fixed now.  So here is what happened...  LunarPages tech support sent me the following information about setting up a symlink that worked.  Basically I created a folder in the public_html directory whose only purpose is to link back behind the public_html folder to where the Downloads folder is.  The ftp acct is set up to the symlink folder and it works perfect.  Here are the instructions:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

If you would like to setup an FTP account that loads to the 'Downloads' folder on your account behind your public_html folder, you would need to setup a symlink in the public_html folder on your account that links back to the 'Downloads' folder. To do this, you can simply create a plain-text file on your account and name it 'symlink.php', then add the following to the file:

=====
<?php
$target = '/home/acctname/Downloads';
$link = '/home/acctname/public_html/yourfoldername';

symlink($target, $link);
?>
=====

The "=====" should not be copied into the file; only the text between them. You would also need to replace 'acctname' with your account name and replace 'yourfoldername' in the above $link with the name of the folder (which will actually be a symlink linking back to the 'Downloads' folder) you wish to use in the public_html folder for this content.

Once you have uploaded the above content in file file named 'symlink.php' to the public_html folder on your account, you would need to run the file using the link http://yourdomain.com/symlink.php . This will create the link from '/public_html/yourfoldername' to the 'Downloads' folder. After the file has been successfully run, you can remove it from your account.

You would then need to setup the FTP account by going to cPanel > FTP Manager > FTP Accounts > then clicking 'Add FTP Account'. What you enter as the Directory should be the same as the 'yourfoldername' used in the above symlink creation PHP script.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Thank you to everyone who tried to help.
 
0

Featured Post

Looking for a new Web Host?

Lunarpages' assortment of hosting products and solutions ensure a perfect fit for anyone looking to get their vision or products to market. Our award winning customer support and 30-day money back guarantee show the pride we take in being the industry's premier MSP.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

With the withdrawal of support for Windows Server 2003 this summer, many clients face the issue of moving away from their 2003 installs. There are a few options out there that many people/companies are selling. But the clients I have, haven't wanted…
Without even knowing it, most of us are using web applications on a daily basis.  In fact, Gmail and Yahoo email, Twitter, Facebook, and eBay are used by most of us daily—and they are web applications. We generally confuse these web applications to…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question