• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Disable "File Manager" Access

C

ChadwickM

Guest
I need to be able to disable the "file manager" tools for all my hosting accounts. In the Domain Manager controls I can control permissions to all sorts of controls, e.g. DNS management, FTP Password management, Shell Access, etc. But I don't see any way of disabling the "File Manager".

If I can't disable it, I need to at least be able to restrict it to the FTP home directory setup in linux for that user account.

Any ideas?

Why? We have a tightly controlled environment, and I've restricted their FTP access to a "Home" folder, but I don't want them looking at anything else, or potentially deleting, modifying, or breaking any code, let alone uploading their own potentially dangerous code. Suffice to say, I don't want them looking at all the files in their VPS account.
 
I need this as well

I need an answer to this post as well. We manage sites for clients and don't want to give them access to accidentally delete something important. Anyone out there have a way of disabling the file manager for clients?
 
They can anyway enter as FTP regular user with any FTP client. So disabling from PLESK is just a small part of solving the problem. I think it is hardcoded into the files, you cannot disable it.
 
In the Interface customization you can disable it.

Login as admin, go to interface management, Interface templates and click on your template name, then Show Toolbar

In the left menu click on Domains, and select a domain, and then click on "customize" in the toolbar. In the "File Manager" button where it shows "Default" click on it and then select Hide and then click on OK in the toolbar.

Repeat for any control that you do not want to have displayed.
 
How do I disable file manager?

We are experiencing the blackhole exploit hack via file manager and Plesk support says it could be a previous compromise. How can we disable the file manager from running. We been pointed us to removing the file manager ( Home>Settings>Home Page Presets>) button but does this mean file manager is disable from running in the background and cannot be accesses via a script?
 
Last edited:
Disable all WebDAV Modules in the Apache Configs

The best way to disable the file manager eg. File Sharing is to unload all WebDAV Modules in the main apache configuration. On a debian environment login into a terminal, go to the apache enable module directory and remove the symbolic links to all dav_* modules and configs. Restart the apache webserver.

Attention: You cannot use the File Sharing parts in the administration afterwards anymore. But that's no problem for us.

cd /etc/apache2/mods-enabled
# Look on the old symbolic links if you want to go back, if this solution doesn't fits your needs ;-)
ls -la *
rm dav_*
Restart apache
Click to expand...

If you want to reverse the WebDAV config again
cd /etc/apache2/mods-enabled
ln -s ../mods-available/dav.load
ln -s ../mods-available/dav_fs.conf
ln -s ../mods-available/dav_fs.load
ln -s ../mods-available/dav_lock.load
Restart Apache
Click to expand...
 
Last edited:
You must log in or register to reply here.

Similar threads

jlocana
Question How can I access the root of the server using ftp software or file manager?
Replies
2
Views
496
jlocana
jlocana
M
Resolved Firewall: Disable panel access on <ip>:443, but keep active on <ip>:8443
Replies
2
Views
489
mewcrazy
M
I
Input Allow us to disable ads that are being placed all over the panel
Replies
1
Views
176
Martin Dias
Martin Dias
K
Resolved Setting up a subscription to get access to website files and email tools
Replies
7
Views
926
klmgraphics
K
A
Resolved Unable to modify a subscription's SSH access
Replies
4
Views
719
Kaspar
K
Back
Top