There are several options to provide users with FTP access to their home directories on shared-hosting environment.
FTP (File Transfer Protocal) is not secure, so not recommended.
FTPS (FTP over implicit/explicit TLS/SSL) is better option, but still kind of problematic for shared hosting environment, especially on a shared IP, since SSL key require dedicated IPs.
So, the best option is SFTP (SSH File Transfer Protocol), but at the same time it has the biggest disadvantage. While it is possible with FTP and FTPS to restrict users from seeing anything out of their home directories, with SFTP it is not. I don’t mind users to see the list of other users under /home, after all shared hosting is shared. However, the problem is that users can see not only /home directory, but list of the directories under / and even browse within some of them. Seems the file permissions prevent the users to delete or do anything wrong with system directories, but anyway it makes me nervous that the users can freely browse the root system directories.
I would really stick with SFTP, since it is the most secure protocol, but the above described issue makes me to use old and insecure FTP protocol. So my questions are:
-
Is it any way to prevent SSH FTP users from seeing anything out of their own home directories?
-
If there is no such a way, what is the best FTP practice for Virtualmin Shared Hosting Services?
Thanks!