View Full Version : File Manager

24th September 2009, 21:33
I like it to see a "File Manager" in ISPConfig.
So users could online create, edit and delete files or folders.

And if you have administrator or reseller rights, you could also do this for your clients.

If you don't understand me, tell it me. I'm from the Netherlands and my English isn't very good.

25th September 2009, 00:24
Really I don`t see any reason to add something like file editor to ispconfig because it`s useless and should not be implemented because of security reasons.

25th September 2009, 11:05
But if you look to DirectAdmin (http://directadmin.com/features.html) or another web control panel, the most of them does have someone.

Or you could install it as addon.

7th October 2009, 16:00
I think this shuld be not "file manager" but something like WEBftp

25th November 2009, 22:13
I think this shuld be not "file manager" but something like WEBftp

Sorry for my late answer.

ezhandossov, thanks for the right name.
I mean something like a WEBftp.

26th November 2009, 07:20
Please have a look at the roadmap for 3.0.4:

2nd December 2009, 16:39
Sounds like a great idea!

7th March 2010, 20:42
Sounds like a great idea!

yes yes! :)

26th June 2012, 09:22
es muy importante este complemento ;)
file manager para ispconfig

por que el FTP es muy lento

26th June 2012, 10:58
This would not make me a very happy person.

Seriously, this will bring in a sh*tload of security measures into the story.

f.e. ispconfig webgui runs on Apache (uid 33). If client12 (uid 1012) logs in, creates a dir in his homedir, he's not allowed, unless you make the dir world writable, owned by uid 33 or put them both in the same group and set group permissions correct beforehand. Running apache as root is seriously not an option. Throw the action in the jobqueue and let the cron take care of it, but that's not the main purpose of that cron (and the users needs to wait max 59sec.) so also not really an option.

How would you handle these kind of things (this was just one example).

Whoever wants can build it into the system, but for the sake of security, make it a modular and disable it (completely!) by default.

I agree with ezhandossov that it should be a WebFTP client instead of a file manager.

26th June 2012, 11:25
I hope to get it going ASAP.

I am totally with you on the matter of security. Leave the real file managing to the admin and his favorite SSH client.

4th August 2012, 01:29
My vote is for a file manager to be included. I'm looking at moving from Plesk to ispConfig and the file manager is one of the features my customers use.

Regarding it being security risk, if implemented correctly, it's no more of a risk than allowing mod_php to run on customer sites.


4th August 2012, 12:33
Problem is the complexity of this undertaking.

As you can see there are "old" projects like ajaxplorer only concerned with providing the file manager.
Taking the code and integrating it into ISPConfig is not possible because of the license of ajaxplorer :(

I do not see a good solution. Do you?

4th August 2012, 13:29
Regarding it being security risk, if implemented correctly, it's no more of a risk than allowing mod_php to run on customer sites.

And thats why mod_php is normally not used on a ispconfig server. ISPConfig provides mod_php support only for legcy reasons and it should not be used on servers that host clients or are connected to the internet. For hosting servers, use php-fcgi in conjunction with suexec as described in the manual. In ISPConfig, each site runs under a different Linux system user, so you wont be able to have write access to the files from a script running under mod_php anyway. Also you should be aware that ispconfig is a multiserver controlpanel were the web and controlpanel server is not nescessarily the same system, so you cant access any files from a script that are on the web server if the controlpanel server is a different system. The only option ro provide a file explorer like functionality is the user of a webFTP client were the customer can login with its FTP username and password.

4th August 2012, 21:32
Till, Thank you for the explanation! I have a lot of learning to do... So, is php-fcgi even able to write to the file system of the user it is running under? I'm moving to ISPConfig from Plesk which does have a file manager so my users will expect to have it. I have used a few file tools like ajax explorer and written some simple ones myself. I'm thinking I could just install it on each customers site who needs it if php-fcgi allows writing to the filesystem.


5th August 2012, 17:20
php-fcgi is able to write to the filesystem of the user, just ensure that suexec is enabled.

23rd August 2012, 10:50
Maybe this would help you, once ISPC 3.0.5 is out:

11th April 2013, 04:53
Ajaxplorer looks really nice.


3rd October 2013, 23:32
Try to trash a web folder, site with many small files around 10 t0 30 mb with any ftp client and lím sure you will change your idea. It can take hours, no Joke. This is a big problem if you have to replace many files or a site rapidly. That simple point make me doubt that any server system without a integrated file manager is suitable for business.

Any web hosting service hosting out there have their own file manager, deleting files, folders, sites take seconds because itís directly on the servers. Do you think having a ftp client residing on people computer with all the password and entry point to websites are safer, Think Again.

4th October 2013, 09:29
You miss an important point!
ISPConfig is a multi-server panel, so an integrated file manager would have to use ftp anyway.
Otherwise you'd have to install a separate file manager on each hosting server.

11th October 2013, 08:41
May you like to take a look at my post here: http://www.howtoforge.com/forums/showpost.php?p=303778&postcount=32

For administrative works WinSCP could do the job as File manager (and other work too!) but should or even must be limited to the Server Administrator and Server Root Admin only!

It's nothing for the normal user or even Reseller!

That s, I would be very carefully with the use of WinSCP in general.