For example:
I have "abc.com" and i use "cpanel"
In "cpanel -> Domains -> Subdomains"
i create
"x.abc.com" “x.abc.com”
"/home/abc/public_html/hisfolder" “/home/abc/public_html/hisfolder”
And i will give this address to my customer
i don't want he access to my other files except "hisfolder"
He must only access with "ftp" to "hisfolder" and my Database.
And i create In "cpanel -> Files -> Ftp Accounts"
Login: "hisname@abc.com"
Password: "*****"
Directory: "/home/abc/public_html/hisfolder"
With "filezilla" or etc. he only access "hisfolder" he can't access to parent folders and files OK.
But when he write a ".php" file like:
<?php
$dir = '../';
$files = scandir($dir);
print_r($files);
$phpApiFile = file_get_contents('../api.php');
echo $phpApiFile;
?>
and upload to "/home/abc/public_html/hisfolder/index.php" he can now access to my files?
So how can i do this both agents? what am i do?
You can setup the correct access with the FTP but it's not possible with the Apache. Your user can use your files which are present in your public_html directory.
If you have WHM login then I will suggest you create main cPanel account with the subdomain name (x.abc.com), So that cPanel will create new user and then your user can not access any your files.
只是一个想法,在你的根目录中创建一个目录,与public_html相同,并命名它,例如public_sub,并将子域存储在该目录中。
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.