{"id":177,"date":"2025-03-27T10:11:59","date_gmt":"2025-03-27T08:11:59","guid":{"rendered":"https:\/\/www.24x7serverguard.com\/blog\/?p=177"},"modified":"2025-03-27T10:11:59","modified_gmt":"2025-03-27T08:11:59","slug":"how-to-disable-cpanel-login-credentials-for-ftp-access","status":"publish","type":"post","link":"https:\/\/www.24x7serverguard.com\/blog\/ftp-issues\/how-to-disable-cpanel-login-credentials-for-ftp-access\/","title":{"rendered":"How to Disable cPanel Login Credentials for FTP Access?"},"content":{"rendered":"\n<p><strong>Why Disable Default cPanel Login for FTP?<\/strong><\/p>\n\n\n\n<p>By default, cPanel login credentials can be used to access <strong>FTP<\/strong>, which poses a security risk. Hackers can exploit this vulnerability to upload malicious scripts. To enhance security, you can <strong>disable FTP access for cPanel users<\/strong> by following the steps below.<\/p>\n\n\n\n<p><\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Steps to Disable FTP Access for cPanel Users<\/strong><\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Open the ftpupdate File<\/strong><br>Access your server as the root user and edit the <code>ftpupdate<\/code> script:   <\/li>\n<\/ol>\n\n\n\n<p><mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-vivid-red-color\">vi \/usr\/local\/cpanel\/bin\/ftpupdate<\/mark><\/p>\n\n\n\n<p>2. <strong>Locate the Relevant Code<\/strong><\/p>\n\n\n\n<p>If you&#8217;re using an <strong>older cPanel version<\/strong>, navigate to <strong>line 189<\/strong>.<\/p>\n\n\n\n<p>If you have an <strong>updated cPanel version<\/strong>, the code is usually found at <strong>line 211<\/strong>.<\/p>\n\n\n\n<p>3. <strong>Comment Out the FTP Credentials Line<\/strong><br>Locate the following line:<\/p>\n\n\n\n<p><mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-vivid-red-color\">print FTPASS join( &#8216;:&#8217;, $system_user, $entry->[1], $entry->[2], $entry->[3], $entry->[6], $entry->[7], $entry->[8] ) . &#8220;\\n&#8221;;<\/mark><\/p>\n\n\n\n<ol class=\"wp-block-list\"><\/ol>\n\n\n\n<p>Modify it by commenting it out:<\/p>\n\n\n\n<p><mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-vivid-red-color\">print FTPASS join( &#8216;:&#8217;, $system_user, $entry->[1], $entry->[2], $entry->[3], $entry->[6], $entry->[7], $entry->[8] ) . &#8220;\\n&#8221;;<\/mark><\/p>\n\n\n\n<p>4. <strong>Run the FTP Update Command<\/strong><br>Apply the changes by executing:<\/p>\n\n\n\n<p><mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-vivid-red-color\">\/usr\/local\/cpanel\/bin\/ftpupdate<\/mark><\/p>\n\n\n\n<p><\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Outcome:<\/strong><\/h3>\n\n\n\n<p>After completing these steps, the default <strong>cPanel login credentials will no longer work for FTP access<\/strong>, reducing the risk of unauthorized file uploads.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Additional Security Recommendations:<\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Use <strong>SFTP (Secure FTP)<\/strong> instead of FTP for enhanced security.<\/li>\n\n\n\n<li>Create <strong>separate FTP accounts<\/strong> with limited access.<\/li>\n\n\n\n<li>Implement <strong>strong passwords<\/strong> and <strong>IP restrictions<\/strong> for FTP users.<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Why Disable Default cPanel Login for FTP? By default, cPanel login credentials can be used to access FTP, which poses a security risk. Hackers can exploit this vulnerability to upload malicious scripts. To enhance security, you can disable FTP access for cPanel users by following the steps below. Steps to Disable FTP Access for cPanel [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[13],"tags":[122,118,124,120,119,116,123],"class_list":["post-177","post","type-post","status-publish","format-standard","hentry","category-ftp-issues","tag-24x7-server-guard","tag-disable-ftp-access-in-cpanel","tag-dxb","tag-restrict-cpanel-ftp-login","tag-secure-cpanel-ftp","tag-server-management","tag-server-support"],"_links":{"self":[{"href":"https:\/\/www.24x7serverguard.com\/blog\/wp-json\/wp\/v2\/posts\/177","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.24x7serverguard.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.24x7serverguard.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.24x7serverguard.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.24x7serverguard.com\/blog\/wp-json\/wp\/v2\/comments?post=177"}],"version-history":[{"count":1,"href":"https:\/\/www.24x7serverguard.com\/blog\/wp-json\/wp\/v2\/posts\/177\/revisions"}],"predecessor-version":[{"id":178,"href":"https:\/\/www.24x7serverguard.com\/blog\/wp-json\/wp\/v2\/posts\/177\/revisions\/178"}],"wp:attachment":[{"href":"https:\/\/www.24x7serverguard.com\/blog\/wp-json\/wp\/v2\/media?parent=177"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.24x7serverguard.com\/blog\/wp-json\/wp\/v2\/categories?post=177"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.24x7serverguard.com\/blog\/wp-json\/wp\/v2\/tags?post=177"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}