Web Hosting Talk : Web Hosting Main Forums : Hosting Security and Technology : How to Limit FTP access?

[acctman]

Is it possible to limit FTP access when hiring someone to work on a site/script. I'd like to limit the access to certain folders and files.

[mwaseem]

The account owner FTP user has full access to all directories, but you can create another FTP account and set home directory for it which is not your site's home directory and this user would have access that directory and everything under it. Am i on the same track?

[John[H4Y]]

In Windows or Linux, you can use the built-in file system security to do what you need. In Linux, have the domain owner use one username and place them in a group "ftpgroup". The restricted user has a different username and is also in that group. The files and directories he should have write access to can be chmod +g to allow group write access. The ones he shouldn't have access to should not have group write access. If the domain owner needs to write to these files as well, you can run a cron to chmod them every minute or five minutes.

In Windows, create the restricted user and give them NTFS access to the folders they can write to. Also give the domain owner access to these folders, but restrict access to the folders the restricted user should not be able to access.

This is all built in to the OS for Windows and works in Linux with any FTP server that uses real Linux UIDs for logins.