Protecting virtual server home directory files

#1 Sat, 11/06/2010 - 08:09
PaliGap

Ideally I would prefer it if server owners could NOT see their 'system' folders and scripts when they log in by FTP to their home directory. (Or at least not have permission to fiddle with them).

In other words, I'd like them to only have write access to their document root and their cgi-bin. Not to their mail files, their Awstats files etc (and I'd prefer it if the cgi-bin could be empty with a new site).

Does that make any sense? Can it be done quite easily? (I'm new to Virtualmin)

Sat, 11/06/2010 - 09:25
Locutus

May I ask why you'd want to hide those files from the server owner? There's nothing in there that'd have to be kept secret from him. :)

I don't think VMin has functionality to do what you suggest... You'd have to fiddle manually with the ownership and permissions of the home directory contents. Which is not recommended, as it'd be prone to break a number of things.

What you could do is restrict FTP users to e.g. the public_html directory, causing them to see that as the "root" and not be able to changedir to anything outside that path. You can do that in Limits and Validation -> FTP Directory Restrictions.

Sat, 11/06/2010 - 12:05
PaliGap

> May I ask why you'd want to hide those files from the server owner? There's nothing in there that'd have to be kept secret from him. :)

No, no secrecy. Just a case of thinking "need to know" basis is probably more stable. If someone can inadvertently delete or modify a system file, that has the potential to cause frustration and issues down the line.

> What you could do is restrict FTP users to e.g. the public_html directory, causing them to see that as the "root" and not be able to changedir to anything outside that path. You can do that in Limits and Validation -> FTP Directory Restrictions.

Thanks! I'll take a look.

Sat, 11/06/2010 - 12:20
Locutus

Okay, if it's about preventing damage by "playful" server owners, it might be best to lock them in the public_html directory. :)

Sat, 11/06/2010 - 13:27 (Reply to #4)
PaliGap

Can't seem to get it to work

I have selected the server, and have set "Virtual server's home directory". But it seems to have no effect.

(I dunno if that's because I have changed the default home directory. At the same time, if I try to set the option "other directory", nothing I enter there gets accepted. E.g. "httpdocs" (my renamed home directory) gets "Failed to save FTP directory restrictions : Missing or invalid directory in row 1". Ditto with "/httpdocs", or even "cgi-bin" or whatever).

Sat, 11/06/2010 - 14:00
Locutus

Try "~/httpdocs". :-)

BTW: Don't mix up "home directory" with "HTML documents directory".

The "home directory" is the one that contains all the stuff you wish to hide, like the Maildir etc. Your "httpdocs", or originally "public_html" is not the home directory, that's why setting the FTP restriction to "home directory" seems to have "no effect". (In fact, it does have an effect. Without that restriction, FTP users can see the whole file system, or rather the parts they have access to.)

Sat, 11/06/2010 - 15:28 (Reply to #6)
PaliGap

Thanks - the magic '~' allowed me to set that directory.

Only thing is... It seems to make no difference at all! (Have stopped and started FTP server too). In other words FTP access is exactly as it was. :-(

Sat, 11/06/2010 - 17:07
Locutus

Okay, take a look at Webmin, section Servers -> ProFTPD server -> Files and Directories. What is listed there in "Limit users to directories"?

What exactly did you try? As which user did you log on and what does the "/" of the FTP server show?

Sun, 11/07/2010 - 07:47 (Reply to #8)
PaliGap

I have two lines for "Limit users to directories" :

1) ~/httpdocs unix groups: test-domain.com

2) none unix groups: everyone

If I FTP in as test-domain.com I see all the default Virtualmin dirs, e.g. awstats, maildir. I have full read/write on all of these.

Sun, 11/07/2010 - 07:57
Locutus

Actually, those settings look okay. To make sure the group assignment is correct, you can do groups test-domain.com. It should say then: something like test-domain.com : test-domain.com.

It might help to restart ProFTPD, maybe the config change has not yet been applied correctly.

Are you using Ubuntu? On my system, I got the issue that when Webmin restarts ProFTPD, the start fails cause the stop script returns before the server is actually down. It helps to append a ; sleep 3 to the shutdown command in the Webmin ProFTPD module config.

Sun, 11/07/2010 - 14:00 (Reply to #10)
PaliGap

Thanks for your patience with this.

> you can do groups test-domain.com. It should say then: something like test-domain.com : test-domain.com.

Yes, that's OK

> It might help to restart ProFTPD,

Have tried that

> Are you using Ubuntu?

No, CentOS

> On my system, I got the issue that when Webmin restarts ProFTPD, the start fails cause the stop script returns before the server is actually down. It helps to append a ; sleep 3 to the shutdown command in the Webmin ProFTPD module config.

I have tried stopping, pausing and starting. No good!

I think maybe I need to send in a bug report.

Sun, 11/07/2010 - 17:11
Locutus

Hmm okay... When you FTP in, and type pwd, what directory name does it tell you? And what does the ls listing show?

It's possible that there's an issue with Webmin/ProFTPD/Directory restriction (different config file layout or similar) on CentOS. For me on Ubuntu it works okay the way you have it set up now.
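
Added example, not part of the thread and not Virtualmin or Webmin code: a shell check for the "different config file layout" possibility raised above. It assumes Webmin's "Limit users to directories" rows are stored as ProFTPD `DefaultRoot` directives, reads one config file, and reports which directory a user with the given groups would be locked into. The `resellers` and `staff` groups and the sample config are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Assumes Webmin's "Limit users to
# directories" rows are stored as ProFTPD DefaultRoot directives.

# effective_root CONF "grp1 grp2 ..." prints the chroot directory of the
# first DefaultRoot whose group-expression matches, or "none" (no chroot).
effective_root() {
    awk -v groups="$2" '
        BEGIN { n = split(groups, g, " "); for (i = 1; i <= n; i++) member[g[i]] = 1 }
        /^[ \t]*#/ { next }                          # skip comment lines
        tolower($1) == "defaultroot" {
            ok = 1
            if (NF >= 3) {                           # optional group-expression
                m = split($3, parts, ",")            # comma = logical AND
                for (i = 1; i <= m; i++) {
                    name = parts[i]
                    if (substr(name, 1, 1) == "!") { # "!" negates membership
                        if (substr(name, 2) in member) ok = 0
                    } else if (!(name in member)) ok = 0
                }
            }
            if (ok) { print $2; found = 1; exit }    # first match wins
        }
        END { if (!found) print "none" }
    ' "$1"
}

# Constructed sample config mirroring the row shown in the thread;
# the resellers/staff line is hypothetical.
sample_conf() {
    cat <<'EOF'
# constructed sample, not a real server's file
DefaultRoot ~/httpdocs test-domain.com
DefaultRoot ~ resellers,!staff
EOF
}

conf=$(mktemp)
sample_conf > "$conf"
effective_root "$conf" "test-domain.com"     # ~/httpdocs
effective_root "$conf" "resellers staff"     # none
rm -f "$conf"
```

On a live server, pass the config file the running daemon actually loads and the output of `id -Gn test-domain.com` as the group list. The script does not follow `Include` lines or per-virtual-host sections, so a result of "none" can also mean the directive lives in a file or context it did not read.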

Topic locked