User Security Settings
You can restrict access to individual users. There are three different means to set a security restrictions:
- Set a default (home) directory that the user logs into.
- Set read, write and delete permissions.
- Set file visibility.
User Home Directory
Changing the home directory is one of the most useful security features of a user. When you change the home directory for a user, it means that when that user logs in, they are automatically navigated into a sub-folder of your account. Better yet, the user will have no idea that they have been restricted to that directory – and they will have no idea that any other outside files or directories exist.
Setting the User Home Direcotry
- In the user setup window, click the “change location” link.
- In the folder tree pop-up, select the folder that you want to use for the user's home directory.
- If you need to create a folder, click the Create Folder button.
Advanced Usage: Nested Sub-Directories
A user *only* has access to the home folder you specify, as well as any folders underneath that folder. You can use this to your advantage. Consider the following example:
| Username | Home Directory |
|---|---|
clients | /clients |
fred-flintstone | /clients/fred-flintstone |
barney-rubble | /clients/barney-rubble |
In this case, the 'clients' user will have access to both Fred & Barney's folders.
However, Fred & Barney will only be able to access their own folders and
will not be able to access each other's folders (or any folders for other clients).
Some Final Notes About Home Directories
- You may create multiple users with the same home directory.
- When a user is deleted, it does not delete the data in the user's home directory, so you may safely add or change users without affecting data on the server.
User Permissions
User permissions are what determine what file actions your user may do on your FTP server. User permissions are set in the User Edit window. Granting permissions is as simple as checking or un-checking the permission checkboxes:
Note: To customize User permissions, set the role to “custom”
| User Permissions | |
|---|---|
| Upload | If upload is checked, the user will be able to upload files and create directories |
| Download | If download is checked, the user will be able to download files |
| Delete | If delete is checked, the user will be able to delete files on the server |
| List Files | If list files is checked, the user will be able to see the files that are loaded onto the server. Note that they will only be able to see files and folders in their home folder |
| Change Password | If changed password is checked, the user will be able to change their password on the Settings page |
Disabling the 'List Files' option is useful when you setup an upload-only User. In that case, the User would only be able to upload files – and nothing else.
Locking a User
Selecting the Lock User checkbox will prevent the User from accessing your account. This allows you to create logins for people who only need to login periodically.