View All Products
Compute
Storage
Databases
Networking
Developer Tools
Delivery
Security
Services
Industries
Pricing
Community
Engage With Us
Community Questions Is it safe to show the directories of your server?
Log in to Ask a Question

Is it safe to show the directories of your server?

sftp

I've been following a the guide on hosting a website and walked into a problem, which I believe I can solve by changing the permissions of the following directory. (problem was that I'm unable to upload anything in the directory, because I'm not logged in as the root)

/var/www/html/example.com

So when I use FileZilla to connect trough SFTP I'm put in the following directory

/home/myusername

I am able to go back and see the entire structure of my linode. The only directories that I'm unable to access are initrd.img, initrd.img.old, lib, lib64, lost+found, root, vmlinuz and vmlinuz.old

Should an user be able to see the directory structure and the content inside (excluding the ones listed above)?

What I believe to be best, is to have an user dedicated to only the files and directories inside the var/www/html/example.com So he wouldn't be able to rwx anything else beside his own directory (home/username) and the website directory (example.com).

3 Replies

Logging into the /home/your username directory is normal.

The root account should be disabled from logging into and a sudo user should be used instead if you havn’t done that already. Certain directory are closed off for security reasons.

If you REALLY need to access them you can convert to root using a command. I’ll omit it since I highly doubt you need to access those directories that you’ve listed.

EDIT: file, directory, and user access is going to depend on certain factors or levels of security. Public_html is obviously going to be open to the public.

@LouWestin

It's not that I need to access it. I'm more so wondering if an user should even be allowed to see any other directory than the /home/username and /var/www/html/example.com.

(If the user is a sudo user then it's a different story)

i.e:
instead of seeing this

  • etc
  • root
    ..
  • var
  • home

You would only see the directories that are relevant to that user, like this:

  • home
  • var

Generally speaking, a user that can see and access other directories is only going to be a concern if you have more than one user logging in besides yourself.

If you have an additional user(s) logging into your server, then you have to figure out the appropriate permissions and access controls so that they can or can’t do things that you don’t want them to do.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Log in to Reply
Community Code of Conduct