Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

restrict folder access in ftp

Posted on 2013-01-25
5
Medium Priority
?
476 Views
Last Modified: 2013-01-28
Hi there. I'm using WordPress and have given my designer the role of administrator but don't want to give him access to my plugins which he could download via an ftp client.  He can view the plugins in the WordPress dashboard but I want to restrict giving him access when using filezilla.  Is that even possible?

In addition, if I've handed out cpanel access, can I restrict access to the plugins folder? So they can view folders just not pull them down.

I have purchased some plugins that I don't want stolen.
0
Comment
Question by:COwebmaster
5 Comments
 
LVL 2

Accepted Solution

by:
andy_adams earned 1000 total points
ID: 38819776
As long as you've given 'read' access to folders via FTP, then as far as I know you cannot prevent someone from copying them to their local folder.

The best way to handle this would be to remove 'read' access for the FTP users on the plugin directory completely. They won't be able to see the contents of the folder at all, but that sounds like what you're looking for.

I'm not an expert on file permissions, but I'm pretty sure you can do what you're looking for.
0
 
LVL 70

Assisted Solution

by:Jason C. Levine
Jason C. Levine earned 1000 total points
ID: 38820074
Giving Administrator access in WordPress has nothing to do with FTP.  However, even if you manage to restrict the FTP permissions properly, an Administrator can still download plugins by going to Plugins | Editor and copying the files out one-by-one from the editor.  It's tedious but possible.

What I would do is create a new user role based on the Administrator but remove the capability to manage plugins or whatever else you don't want them to do.  Check this plugin for more information

If you are worried about this, why does your designer need FTP access for a WordPress site?  The theme files and images can all be manipulated with Dashboard access alone...
0
 
LVL 8

Expert Comment

by:Alicia St Rose
ID: 38823094
FYI,
It really sucks when you leave off a semi-colon in a php file when you're editing in the wordpress Dashboard. Sucks hard. And doubly if the FTP passwords have been misplaced.

I think this boils down to trust. I know as a designer and Wordpress dev, if I couldn't have access to the plugin files, then I'd find it very frustrating...
I've had to go in to find specific plugin files for reference to the style sheet so that I can turn them off and style to match the site, or some plugins even give an option for a custom styles file, which are usually kept in the plugin folder.
0
 
LVL 70

Expert Comment

by:Jason C. Levine
ID: 38829793
I'm not advocating that the backend be the only entry point for a designer or developer.  I am saying that if you have hired someone who you don't trust enough to give FTP access, then maybe you need to rethink things.
0
 

Author Closing Comment

by:COwebmaster
ID: 38829820
Thanks!
0

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article discusses how to implement server side field validation and display customized error messages to the client.
When it comes to security, close monitoring is a must. According to WhiteHat Security annual report, a substantial number of all web applications are vulnerable always. Monitis offers a new product - fully-featured Website security monitoring and pr…
Any person in technology especially those working for big companies should at least know about the basics of web accessibility. Believe it or not there are even laws in place that require businesses to provide such means for the disabled and aging p…
The viewer will get a basic understanding of what section 508 compliance can entail, learn about skip navigation links, alt text, transcripts, and font size controls.
Suggested Courses
Course of the Month13 days, 5 hours left to enroll

972 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question