Disable Default FTP logins with Cpanel Server

, Disable Default FTP logins with Cpanel Server, Hostripples Web HostingOn Cpanel server, default user name is very easy to guess. For example, suppose domain name is:  yourdomain.com then the user name will be yourdoma or something like this. So hacker can easily brutforce it and can get FTP access to upload suspicious php shells under your account. Using PHP shells, hacker can do mass defacement on the server. He can inject malicious cods in every index files or PHP files.

We can avoid such attacks  at some level by disabling default FTP login details on Cpanel web server.

How can we do this? Use following steps to do this.

Edit following file

[email protected]#vim /usr/local/cpanel/bin/ftpupdate

Search for following line and comment it using #

# print FTPASS join( ‘:’, $system_user, $entry->[1], $entry->[2], $entry->[3], $entry->[6], $entry->[7], $entry->[8] ) . “\n”;
$vhosts->{$system_user} = join( ‘:’, $system_user, $entry->[1], $entry->[2], $entry->[3], $entry->[6], $entry->[7], $entry->[8] ) . “\n”;

After that run following ftpupdate command to update above settings

[email protected]#/usr/local/cpanel/bin/ftpupdate

Thats all.

Subscribe Now to stay updated.

Please fill in your email address to get most latest updates.