Solved

restrict folder access in ftp

Posted on 2013-01-25
5
453 Views
Last Modified: 2013-01-28
Hi there. I'm using WordPress and have given my designer the role of administrator but don't want to give him access to my plugins which he could download via an ftp client.  He can view the plugins in the WordPress dashboard but I want to restrict giving him access when using filezilla.  Is that even possible?

In addition, if I've handed out cpanel access, can I restrict access to the plugins folder? So they can view folders just not pull them down.

I have purchased some plugins that I don't want stolen.
0
Comment
Question by:COwebmaster
5 Comments
 
LVL 2

Accepted Solution

by:
andy_adams earned 250 total points
ID: 38819776
As long as you've given 'read' access to folders via FTP, then as far as I know you cannot prevent someone from copying them to their local folder.

The best way to handle this would be to remove 'read' access for the FTP users on the plugin directory completely. They won't be able to see the contents of the folder at all, but that sounds like what you're looking for.

I'm not an expert on file permissions, but I'm pretty sure you can do what you're looking for.
0
 
LVL 70

Assisted Solution

by:Jason C. Levine
Jason C. Levine earned 250 total points
ID: 38820074
Giving Administrator access in WordPress has nothing to do with FTP.  However, even if you manage to restrict the FTP permissions properly, an Administrator can still download plugins by going to Plugins | Editor and copying the files out one-by-one from the editor.  It's tedious but possible.

What I would do is create a new user role based on the Administrator but remove the capability to manage plugins or whatever else you don't want them to do.  Check this plugin for more information

If you are worried about this, why does your designer need FTP access for a WordPress site?  The theme files and images can all be manipulated with Dashboard access alone...
0
 
LVL 7

Expert Comment

by:Alicia St Rose
ID: 38823094
FYI,
It really sucks when you leave off a semi-colon in a php file when you're editing in the wordpress Dashboard. Sucks hard. And doubly if the FTP passwords have been misplaced.

I think this boils down to trust. I know as a designer and Wordpress dev, if I couldn't have access to the plugin files, then I'd find it very frustrating...
I've had to go in to find specific plugin files for reference to the style sheet so that I can turn them off and style to match the site, or some plugins even give an option for a custom styles file, which are usually kept in the plugin folder.
0
 
LVL 70

Expert Comment

by:Jason C. Levine
ID: 38829793
I'm not advocating that the backend be the only entry point for a designer or developer.  I am saying that if you have hired someone who you don't trust enough to give FTP access, then maybe you need to rethink things.
0
 

Author Closing Comment

by:COwebmaster
ID: 38829820
Thanks!
0

Featured Post

DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Learn by example how to specify CSS selectors for Selenium WebDriver test automation software.
Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
The purpose of this video is to demonstrate how to Import and export files in WordPress. This will be demonstrated using a Windows 8 PC. Go to your WordPress login page. This will look like the following: mywebsite.com/wp-login.php : Click on Too…
Any person in technology especially those working for big companies should at least know about the basics of web accessibility. Believe it or not there are even laws in place that require businesses to provide such means for the disabled and aging p…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now