CODEWITHSUNDEEP
phpftpsubdomaincpanelauthority
MarsPeople
MarsPeople

Reputation: 1824

Cpanel subdomain access to parent folder prevent

For example:
I have "abc.com" and i use "cpanel"
In "cpanel -> Domains -> Subdomains"
i create
Subdomain: "x.abc.com"
Document Root: "/home/abc/public_html/hisfolder"

And i will give this address to my customer
i don't want he access to my other files except "hisfolder"
He must only access with "ftp" to "hisfolder" and my Database.

And i create In "cpanel -> Files -> Ftp Accounts"
Login: "[email protected]"
Password: "*****"
Directory: "/home/abc/public_html/hisfolder"

With "filezilla" or etc. he only access "hisfolder" he can't access to parent folders and files OK.
But when he write a ".php" file like:

<?php
$dir    = '../';
$files = scandir($dir);
print_r($files);

$phpApiFile = file_get_contents('../api.php');
echo $phpApiFile;
?>

and upload to "/home/abc/public_html/hisfolder/index.php" he can now access to my files?

  1. He should add his .php files and connect to database
  2. He should not access to my files

So how can i do this both agents? what am i do?

Upvotes: 0

Views: 1762

Answers (2)

Glaucius Zacher
Glaucius Zacher

Reputation: 49

Just an idea, create a directory in your root dir, the same as public_html, and name it, for example, public_sub, and store subdomains in this directory.

Upvotes: 0

24x7servermanagement
24x7servermanagement

Reputation: 2540

You can setup the correct access with the FTP but it's not possible with the Apache. Your user can use your files which are present in your public_html directory.

If you have WHM login then I will suggest you create main cPanel account with the subdomain name (x.abc.com), So that cPanel will create new user and then your user can not access any your files.

Upvotes: 1

Related Questions