FTP, or File Transfer Protocol, is a standard protocol used for transferring files between computers over the internet. It is commonly used to transfer files to and from a web server. In order to ensure that the files in a shared directory are secure, it is important to limit access to read-only permissions.
In this article, we will go through the steps involved in giving FTP users read-only access to a shared directory.
1. Create the FTP user account
The first step is to create a new FTP user account with read-only access to the shared directory. This can be done using an FTP server software, such as VSFTPD or PROFTPD, or through the command line. In this example, we will use the VSFTPD FTP server.
To create a new user account, open the VSFTPD configuration file located at /etc/vsftpd.conf and add the following lines at the end of the file:
This enables local FTP access and disables write permissions for the user.
Next, create a new system user account using the adduser command:
sudo adduser ftpuser
This creates a new user account named ftpuser. You will be prompted to enter a password and other user information.
2: Configure the FTP server
After creating the new user account, the next step is to configure the FTP server to allow read-only access to the shared directory. This involves setting the appropriate permissions for the user account and the directory.
To do this, create a new directory to be shared and set the permissions to read-only:
sudo mkdir /var/shared
sudo chmod 755 /var/shared
Next, add the ftpuser account to the group that owns the shared directory:
sudo chown -R root:ftpuser /var/shared
sudo chmod -R 755 /var/shared
This sets the group ownership of the shared directory to ftpuser and gives the group read-only permissions.
Finally, restart the VSFTPD service to apply the changes:
sudo systemctl restart vsftpd
3: Test the configuration
After configuring the FTP server, it is important to test the configuration to ensure that the FTP user is able to access the shared directory in read-only mode. This can be done by logging in to the FTP server using the new user account and attempting to access the shared directory.
To log in using the new user account, use an FTP client, such as FileZilla, and enter the following information:
Hostname: your server’s IP address or hostname
Password: the password you set for the ftpuser account
Port: 21 (the default FTP port)
Once logged in, attempt to access the shared directory. You should be able to view and download files, but not make any changes or deletions.
4: Monitor access
Once the FTP user has been given read-only access to the shared directory, it is important to monitor access to ensure that the user is not making unauthorised changes or deletions. This can be done using FTP server logs or through third-party monitoring software.
Is there an easier way?
When it comes to giving read-only access to directories, using cPanel is often considered easier than using FTP. So, if you have cPanel hosting, there is no need to use FTP.
There are several reasons why cPanel is easier to use:
- User-friendly interface
cPanel has a user-friendly interface that makes it easy to navigate and manage files and directories. It provides a graphical representation of files and directories so users can quickly locate and modify permissions.
- Simple configuration
With cPanel, you can set file permissions for directories with just a few clicks. This eliminates the need for complex FTP commands that may be difficult for inexperienced users to understand.
- Access control
cPanel provides a range of access control features that allow you to control who has access to your directories. You can create user accounts with different levels of access permissions, including read-only access. This ensures that your data remains secure and prevents unauthorised access.
- No additional software required
To use cPanel, you don’t need to install any additional software on your computer. This eliminates the need for an FTP client, which may require additional configuration and can be difficult for inexperienced users to set up.
By following the steps outlined in this article, you can give FTP users read-only access to a shared directory, ensuring the security of your data. Remember to test your configuration and monitor access to ensure that your data remains secure. You can, however, achieve the same outcome much quicker and with less technical know-how if you have a cPanel control panel on your web hosting account.
Looking to experience all the benefits of cPanel Hosting? Visit our cPanel Hosting page.