Lock down your Central File Server account securely and completely so that no one has access. Here are the steps:
- First visit the Enable Unix Account web page in order to log in.
- Log into your Unix account using SSH
- Enter the following command:
~helpdesk/scripts/protect
- Log out of your Unix account
This script does the following:
- Changes the home directory to permissions 711 (allowing FTP to drop the user into their home directory properly). Note that the default permissions for all accounts created after June 2003 are 711.
- Recursively works through each sub-directory to change the permissions to 700, and files within them to 600.
- Leaves or changes your public_html folders (your web folder) to the proper 755 or 644 permissions for world readability.
- Note that the script changes all the permissions to the default settings.
For complete security and protection of your Central File Server account, this is the Help Desk recommended method. Important note: If you have set any folder permissions using Windows ACL settings, these will be overwritten by this script.
Windows users can use ACLs to set permissions
Windows computer users can use Access Control Lists (ACLs) on specific folders to set permissions for user access. If you use ACLs, do not use either procedure described above unless you are aware that they will override any permissions you have set with ACLs. On the other hand, if you are having trouble with ACL's and need to reset all your permissions back to default recursively through all your folder and sub-folders, use the Help Desk script option described above. Only Windows computer users can use ACLs on the Central File Server. This method is not available to Macintosh and Unix/Linux computer users.