Block FTP User from one file

Toggle sidebar Toggle sidebar
V

Vcize

Senior member
May 30, 2003
418
0
0
I wasn't sure which forum this goes in, but this seems the closest fit.

I have a xenforo forum that I run. I would like to give one of the admins FTP access so they can install plugins, themes, etc.

However, I don't want them to have access to the database info (username, password, etc). This info is stored in /public_html/library/config.php. Is there a way for me to give them ftp access but block them from accessing that particular file without messing up the permissions of xenforo?
 
John Connor

John Connor

Lifer
Nov 30, 2012
22,757
619
121
Unfortunately, I don't think there is a way to block all files and allow access to one or more selectively. Once you have access to the main site's FTP account you have all.

I guess this amounts to trust more than anything. And you should always have backups! I backup my site to no less than five locations, one being a DVD/RW. So if your config.php file gets messed up just restore it from the backup. No problem.

Permissions would be in the database. Not config.php. That would have the database user, password, etc. When I think of permissions I think of forum permissions...
 
Last edited:
Fardringle

Fardringle

Diamond Member
Oct 23, 2000
9,200
765
126
It's a bit of a hassle to set up if there are a lot of folders, but if your FTP server software allows it you can give their account access to the individual separate folders (excluding the /public_html/library folder) instead of just to the root folder and its contents. However, this won't work if they need access to other files in that folder...
 
V

Vcize

Senior member
May 30, 2003
418
0
0
John Connor said:
Unfortunately, I don't think there is a way to block all files and allow access to one or more selectively. Once you have access to the main site's FTP account you have all.

I guess this amounts to trust more than anything. And you should always have backups! I backup my site to no less than five locations, one being a DVD/RW. So if your config.php file gets messed up just restore it from the backup. No problem.

Permissions would be in the database. Not config.php. That would have the database user, password, etc. When I think of permissions I think of forum permissions...
Click to expand...

Actually you have it backwards :). I need to block just one file, and allow them access to anything else.

The backup is not the issue it is them having access to the information in that file.
 
V

Vcize

Senior member
May 30, 2003
418
0
0
Fardringle said:
It's a bit of a hassle to set up if there are a lot of folders, but if your FTP server software allows it you can give their account access to the individual separate folders (excluding the /public_html/library folder) instead of just to the root folder and its contents. However, this won't work if they need access to other files in that folder...
Click to expand...

Thanks, I suppose that is the closest I can get to it. I will give that a try! Will they still be allowed to create new folders themselves that they have access to?
 
John Connor

John Connor

Lifer
Nov 30, 2012
22,757
619
121
If you are using a VPS then I suppose you can create users and groups for the FTP server. This is how it is in the Filezilla server I have running.
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom