We help IT Professionals succeed at work.

How to ringfence php access to a specific folder

xenium
xenium asked
on
hi,
I'm learning and doing some dev work on a bluehost server. If i give ftp access to someone to a specific folder, it seems they can access other parts of the server outside of that folder by using php.

What steps do I need to take to ringfence that activity and restrict it to one folder (and it's subfolders)?

Many thanks
Comment
Watch Question

KimputerIT Manager
CERTIFIED EXPERT
Commented:
Limit web access as well with: https://www.howtoforge.com/running-vhosts-under-separate-uids-gids-with-apache2-mpm-itk-on-debian-etch
Make sure his linux/unix user has only acess to that one folder, and then virtualhost that folder to his user.
Fractional CTO
CERTIFIED EXPERT
Distinguished Expert 2019
Commented:
How or if you can do this depends on your Hosting.

If you have root access, the easy option is to install the MySecureShell package, which provides a fast/sensible SFTP server.

If you don't have root access, best to open a ticket with your hosting company, as how you do this may require intervention by your hosting company.

Aside: I spun up my first Linux machine in 1994 + over this period have used many SFTP servers. They're all... counterintuitive... some worse than others...

MySecureShell is the only SFTP server which works as you'd expect, with near zero config.

Check it out if you can. You'll likely save hours of aggravation.

Author

Commented:
Thanks for the suggestions, it looks like this may be tricky for me as a server newbie, but I will keep this info on hand for when I have resources, or possibly just open a another separate server account.

Thanks again for the input.
David FavorFractional CTO
CERTIFIED EXPERT
Distinguished Expert 2019

Commented:
You're welcome!

Good luck!

Welcome to Server Land.