Our features site is undergoing a refresh! Be sure to explore the revamped site and discover our latest product roadmap launching here on Monday, March 18th.
New Topic
cPanel & WHM Feature RequestsTopicFile Management
This object is in archive! 
Properties
Category File Management
Tags FTP Security

Client ability to turn off FTP access

marshweb shared this idea 10 years ago
Open Discussion

As a Ecommerce host that sees 90% of site compromises coming from stolen ftp credentials we would like to see a feature of RVSkins ported over to cPanel proper. The ability to turn off FTP access inside of cPanel for the client when they don't need it on. In RVSkins there is a icon to go to the FTP Acess page, which allow the client to turn off and on again FTP access for the main user (which also turns off virtual users also). Basically, if using pureftpd, when the client clciks to turn off FTP access on their account their account username is written to etc/ftpusers in the following format.


username

username@domainname.com


Any usenames found in that file disallow ftp connection for the main user and the virtual users on the account.

We understand that its the client responsibilty to keep their computers clean so that ftp credentials don't get stolen, but it still happens way too much for our liking. Leaving the door closed and lock, and guarded means the 'hackers', even with a good set of keys (credentials) needs to attempt to get in at the same time the user has FTP access turned on. We tested for a while actually using a cron job to write all users on the server to that file every night at 1am, basically turning ftp off for all of them....for those that turned it on during the day and forgot....

2 I like this idea 0  
Leave a Comment
 
Attach a file

cPanel, WebHost Manager and WHM are registered trademarks of cPanel, L.L.C. for providing its computer software that facilitates the management and configuration of Internet web servers.