Creating and Managing FTP Accounts in cPanel

Depending on your hosting plan, you may not be limited to just a single main FTP account. Why would you need more than one? You probably don’t if you are the only person who will ever make changes to your website. However, if you have another person or group of people help you edit your website, you shouldn’t give them access to your main FTP account to edit files.

Note

Security Note: Because the main FTP account login is the same as your cPanel login you should never give it to anyone else. If someone needs FTP access to your account, you can create a separate FTP account for him or her unless your hosting plan does not allow it.

If you would like to create or manage additional FTP accounts in cPanel, you should log into your cPanel account and then click on the FTP Manager icon. Then from the menu of options that appear, select FTP Accounts.

There will probably already be two or more FTP accounts listed here as main account. You can’t delete or edit them (although you may be able to edit the disk space quota for some of them). They were created by cPanel automatically and need to remain as they are.

Creating a New FTP Account in cPanel

If you would like to create a new FTP account, follow these basic steps:

1. Click Add Account.
2. Choose a name for the new user and enter it in the Login text box. The directory path will automatically update to match your user’s login name. The FTP user you create will only have access to the specified directory inside your public_html directory and any directories below that. This starting directory is often referred to as the FTP account’s home directory. If you change the directory to / then the FTP user will have complete access to any files and directories in public_html (your public web space) via FTP. The account won’t be able to access any files or directories above the public_html directory. The directions printed at the bottom of the screen make this all fairly clear.
3. When you create an account, you can also specify a disk space quota. The quota limit will restrict the account from uploading more than the specified amount (in MB). Setting the quota limit to nothing, zero (0) or the word unlimited will create an FTP account with no quota limits at all. Without a quota limit, that user will be able to upload files until you either run out of disk space or bandwidth.

Note

Once you create an FTP account, you can’t edit it (other than the disk space quota). You can only delete it, so type carefully.

A couple of examples of FTP account creation:

You create a new FTP user called billy and the specified home directory is /home/domain/public_html/billy with a disk quota of 10 MB. This user will be able to create or access anything inside the billy directory in your account’s public web space area (public_html) via FTP. Billy will only be able to upload 10 MB worth of files into public_html/billy. After uploading that much they will need to delete some files to make room to upload more. The billy FTP account will not be able to access anything in public_html itself.

You also create a new FTP account called webmaster and the home directory is /home/domain/ public_html/ with quota set to unlimited. This user will be able to access everything in public_html via FTP and upload/download/delete files and directories with no limits.

Note

For FTP accounts that you create, the username to log into the FTP server is< username@domain.com>. The password is whatever you set it to (for security the password should not be the same as your main FTP account). Otherwise, all of the connection information mentioned for the main FTP account remains the same.

Monitoring your FTP Usage in cPanel

Back at the main FTP Account screen you will be able to monitor FTP account quotas, edit those quotas, and delete FTP accounts that you have previously added.

Rather oddly, there is a link for each add-on domain and sub-domain’s raw web logs here (see Chapter 7 for more information on web logs). Click a link and your browser will download the logs to your computer.

Note

Depending on your web host’s settings, the raw web log links may include your main FTP/cPanel account password as well as the username. While this makes accessing the links easy (since you do not have to enter the password for your account to access the raw web logs), it is also a security risk. If you leave this page open in your browser anyone can come along and roll the mouse pointer over the link to see your main account username and password in the browser status bar. You may want to ask your web host to turn off the option that includes account passwords in those links.