Page tree
Skip to end of metadata
Go to start of metadata

Overview

The EasyApache FileProtect option improves the security of each user's public_html directory. In EasyApache 4, the system enables this option by default.

Usage

Use this option to protect each cPanel account user's public_html directory and each addon domain's document root directory so that only Apache and the user may view its contents.

When you enable this option, EasyApache performs the following actions:

  • Creates the /var/cpanel/fileprotect file.

    Note:

    When you disable this option, EasyApache removes this file.

  • Executes the /usr/local/cpanel/scripts/enablefileprotect script, which sets more secure permissions for each user's /public_html directory.
  • Sets the user's /home/username/ directory to 0711 permissions.

  • Sets all document root directories' GroupID to the username user and 0750 permissions.

When you disable this option, EasyApache performs the following actions:

  • Sets the user's /home/username/ directory to 0755 permissions.
  • Sets the user's /home/username/public_html directory Group ID to the username user and 0755 permissions.

Requirements

This option does not possess any requirements.

Compatibility

  • This option functions when you enable the ModRuid2 Apache module.
  • This option does not possess any known compatibility issues.

Enable or Disable FileProtect

In the interface

You can enable or disable the FileProtect option with the Enable File Protect option in the Security section of WHM's Tweak Settings interface (WHM >> Home >> Server Configuration >> Tweak Settings).

This option defaults to On.

On the command line

To enable the FileProtect option, run the following script:

/usr/local/cpanel/scripts/enablefileprotect

To disable the FileProtect option, run the following script:

/usr/local/cpanel/scripts/disablefileprotect


For more information about these scripts, run these scripts with the --help flag.

Additional documentation