Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > General

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 15th March 2009, 20:37
nsansari nsansari is offline
Junior Member
 
Join Date: Mar 2009
Posts: 19
Thanks: 0
Thanked 0 Times in 0 Posts
Default FTP users have access to others folders

So I've being using ISPConfig for about two years I think. Version is 2.2.18 running on ubuntu. I installed this and played around with it at the time I installed it and since then I've never touched it. Its been running fine sitting in the background doing its job quietly.

However recently a new user complained that he could not get ftp access so I had a look and strangely enough found out that yes he can get to ftp but not just his site he can actually browse the whole server with his user account. So I've tested other users on the system and it seems like it is the same for every user I have on the system.

When the user logs on first time he goes to his respective web , but if he goes up levels then he can see other folders as well. I'm not even sure where to start looking as its been such a long time that I installed this sytem.

Can some one help at all , or point me to the right direction.

Thanks in advance.
Reply With Quote
Sponsored Links
  #2  
Old 15th March 2009, 20:55
till till is online now
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,446
Thanks: 813
Thanked 5,213 Times in 4,088 Posts
Default

You have to enable the ftp chrooting as described in the perfect setup guide. Add the line:

DefaultRoot ~

to the proftpd.conf file and restart proftpd.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 15th March 2009, 21:24
nsansari nsansari is offline
Junior Member
 
Join Date: Mar 2009
Posts: 19
Thanks: 0
Thanked 0 Times in 0 Posts
Default

wow, didn't expect a reply so quick.

that line is already there

# Use this to jail all users in their homes
DefaultRoot ~
IdentLookups off
ServerIdent on "FTP Server Ready."
# Users require a valid shell listed in /etc/shells to login.
# Use this directive to release that constrain.
# RequireValidShell off

# Port 21 is the standard FTP port.
Port 21


Any other thoughts??
Reply With Quote
  #4  
Old 15th March 2009, 21:29
till till is online now
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,446
Thanks: 813
Thanked 5,213 Times in 4,088 Posts
Default

Then you either run a different ftp server and not proftpd or your users accessed the server e.g. by ssh or sftp and not ftp.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #5  
Old 15th March 2009, 21:41
nsansari nsansari is offline
Junior Member
 
Join Date: Mar 2009
Posts: 19
Thanks: 0
Thanked 0 Times in 0 Posts
Default

my apologies,

I have used winscp to check this and realised i was using the sftp option to connect and that is what gives the user all access.

However now changing that to ftp user has only access to their folder.

But surely that can't be right, that using sftp they can have complete access. ??

Thanks for your help
Reply With Quote
  #6  
Old 15th March 2009, 21:43
nsansari nsansari is offline
Junior Member
 
Join Date: Mar 2009
Posts: 19
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Ahh power of google ,

if I block port 22, that would do the job ?
Reply With Quote
  #7  
Old 15th March 2009, 22:48
till till is online now
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,446
Thanks: 813
Thanked 5,213 Times in 4,088 Posts
Default

Thats not nescessary, just do not enable the shell / ssh option in the website settings.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #8  
Old 15th March 2009, 23:08
nsansari nsansari is offline
Junior Member
 
Join Date: Mar 2009
Posts: 19
Thanks: 0
Thanked 0 Times in 0 Posts
 
Default

thank you very much Till, much appreciated.
Reply With Quote
Reply

Bookmarks

Tags
ftp, ispconfig, proftpd, ubuntu

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Cacti and ISPConfig: Monitoring Tool VMartins Tips/Tricks/Mods 11 9th August 2008 18:37
proFTPd passive mode problems bisbell Server Operation 8 6th August 2008 21:12
Question about Virtual Hosting With Proftpd And MySQL (Incl. Quota) On Debian Etch ikkem HOWTO-Related Questions 30 26th February 2008 19:38
Junk mail and spamassassin... sthompson Installation/Configuration 4 27th December 2006 16:11
WEB UI FTP not working gimhan90 Installation/Configuration 2 16th March 2006 08:03


All times are GMT +2. The time now is 19:06.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.