Solved

restrict folder access in ftp

Posted on 2013-01-25
5
450 Views
Last Modified: 2013-01-28
Hi there. I'm using WordPress and have given my designer the role of administrator but don't want to give him access to my plugins which he could download via an ftp client.  He can view the plugins in the WordPress dashboard but I want to restrict giving him access when using filezilla.  Is that even possible?

In addition, if I've handed out cpanel access, can I restrict access to the plugins folder? So they can view folders just not pull them down.

I have purchased some plugins that I don't want stolen.
0
Comment
Question by:COwebmaster
5 Comments
 
LVL 2

Accepted Solution

by:
andy_adams earned 250 total points
ID: 38819776
As long as you've given 'read' access to folders via FTP, then as far as I know you cannot prevent someone from copying them to their local folder.

The best way to handle this would be to remove 'read' access for the FTP users on the plugin directory completely. They won't be able to see the contents of the folder at all, but that sounds like what you're looking for.

I'm not an expert on file permissions, but I'm pretty sure you can do what you're looking for.
0
 
LVL 70

Assisted Solution

by:Jason C. Levine
Jason C. Levine earned 250 total points
ID: 38820074
Giving Administrator access in WordPress has nothing to do with FTP.  However, even if you manage to restrict the FTP permissions properly, an Administrator can still download plugins by going to Plugins | Editor and copying the files out one-by-one from the editor.  It's tedious but possible.

What I would do is create a new user role based on the Administrator but remove the capability to manage plugins or whatever else you don't want them to do.  Check this plugin for more information

If you are worried about this, why does your designer need FTP access for a WordPress site?  The theme files and images can all be manipulated with Dashboard access alone...
0
 
LVL 7

Expert Comment

by:Alicia St Rose
ID: 38823094
FYI,
It really sucks when you leave off a semi-colon in a php file when you're editing in the wordpress Dashboard. Sucks hard. And doubly if the FTP passwords have been misplaced.

I think this boils down to trust. I know as a designer and Wordpress dev, if I couldn't have access to the plugin files, then I'd find it very frustrating...
I've had to go in to find specific plugin files for reference to the style sheet so that I can turn them off and style to match the site, or some plugins even give an option for a custom styles file, which are usually kept in the plugin folder.
0
 
LVL 70

Expert Comment

by:Jason C. Levine
ID: 38829793
I'm not advocating that the backend be the only entry point for a designer or developer.  I am saying that if you have hired someone who you don't trust enough to give FTP access, then maybe you need to rethink things.
0
 

Author Closing Comment

by:COwebmaster
ID: 38829820
Thanks!
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Suggested Solutions

Using SQL Scripts we can save all the SQL queries as files that we use very frequently on our database later point of time. This is one of the feature present under SQL Workshop in Oracle Application Express.
This article discusses how to create an extensible mechanism for linked drop downs.
The purpose of this video is to demonstrate how to prevent comment spam on a WordPress Website. This will be demonstrated using a Windows 8 PC. Plugin Akismet will be used. Go to your WordPress login page. This will look like the following: myw…
The viewer will learn how to count occurrences of each item in an array.

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now