Creating and Managing FTP Accounts for Developers
Sharing your primary cPanel password with a developer is a significant security risk. Instead, create separate FTP Accounts. This allows you to restrict access to specific folders and revoke permissions instantly once their work is complete.
How to Create a New FTP Account
- Log in to cPanel: Navigate to the Files section and click on FTP Accounts.
- Fill in the "Add FTP Account" Form:
  - Log In: Enter a username (e.g., dev_john). The full username will be dev_john@yourdomain.com.
  - Password: Use the Password Generator to create a strong, random password.
  - Directory:
    - Default: cPanel suggests a new folder.
    - Full website access: change to public_html.
    - Project-specific access: enter a subfolder (e.g., public_html/staging).
  - Quota: Set a limit on upload capacity, or leave as Unlimited.
- Click "Create FTP Account": The account is now active.
Managing Developer Access
- Change Password: Immediately update if a developer's device is compromised.
- Change Quota: Adjust their disk space allowance as needed.
- Configure FTP Client: Click to view Manual Settings (FTP Username, Server, Port) for use in FileZilla, WinSCP, or similar tools.
- Delete: Remove account access once the project is complete.
⚠ Warning: Do not check "Delete Home Directory" unless you want to erase all files. Usually, you only want to revoke access.
Best Practices for Security
- Path Restriction: Give access only to the specific folder required, so that the developer cannot access other files or configuration settings.
- Unique Accounts: Avoid shared "developer" accounts. Assign a unique account per person to track who made which changes.
- Use FTPS or SFTP: Encourage developers to connect via FTP over TLS (FTPS) on Port 21 or SFTP on Port 22 (if enabled). This encrypts transfers so passwords aren’t sent in plain text.
Pro Tip: Always review active FTP accounts monthly and delete any that are no longer needed to maintain maximum security.
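The monthly review can be partly automated by checking each account against the Path Restriction and Unique Accounts practices above. The script below is an added example, not part of the original article or of cPanel: the account list, the approved-folder map and the set of generic names are constructed assumptions, typed in by hand from the FTP Accounts page.

```python
import posixpath

# Assumption: local names that suggest a shared login rather than one person.
GENERIC_NAMES = {"dev", "developer", "developers", "ftp", "shared", "team"}


def resolve(directory):
    """Normalise a directory relative to the account home, collapsing '.' and '..'."""
    path = posixpath.normpath("/" + directory.strip().lstrip("/"))
    return path.lstrip("/")  # "" means the home directory itself


def audit(accounts, allowed):
    """Return {login: [issues]}; 'allowed' maps each login to its approved folder."""
    findings = {}
    for acct in accounts:
        login, path = acct["login"], resolve(acct["dir"])
        local = login.split("@", 1)[0].lower()
        issues = []
        if login not in allowed:
            issues.append("no current project on record: delete the account")
        else:
            scope = resolve(allowed[login])
            if path != scope and not path.startswith(scope + "/"):
                issues.append(f"directory '{path or '~'}' is outside approved '{scope}'")
        if path in ("", "public_html"):
            issues.append("full-site or home-directory access")
        if local in GENERIC_NAMES:
            issues.append("shared-style username: use one account per person")
        if issues:
            findings[login] = issues
    return findings


# Constructed sample data (hypothetical accounts and folders).
ACCOUNTS = [
    {"login": "dev_john@yourdomain.com", "dir": "public_html/staging"},
    {"login": "dev_maria@yourdomain.com", "dir": "public_html/staging/../.."},
    {"login": "developer@yourdomain.com", "dir": "public_html"},
    {"login": "dev_old@yourdomain.com", "dir": "public_html/shop"},
]
ALLOWED = {
    "dev_john@yourdomain.com": "public_html/staging",
    "dev_maria@yourdomain.com": "public_html/staging",
    "developer@yourdomain.com": "public_html/staging",
}

if __name__ == "__main__":
    for login, issues in audit(ACCOUNTS, ALLOWED).items():
        print(login, "->", "; ".join(issues))
```

Accounts that appear in the output are candidates for a narrower directory, a rename to a per-person login, or deletion without removing the home directory.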