• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Question Limit user power to change file and permission

carini

carini

Basic Pleskian
Server operating system version
Ubuntu 22.04.4 LTS
Plesk version and microupdate number
Plesk Obsidian v18.0.63_build1800240825.09
Good morning,

We are frequently encountering problems where users are making unauthorized changes to permissions on their sub-domains, leading to broken sites. It seems some users, lacking proper sysadmin skills, are making changes and then blaming us when things go wrong.

Is possible to implement restrictions to prevent users from changing permissions or creating files and directories outside the webroot?

Screenshot 2024-08-28 at 19.51.58.png
 
Some users start fiddling with file permissions when their website doesn't work as expected. Plesk might want to implement this.
 
Yes that would be good idea to implement. But telling to the customer to not touch permissions should be sufficient. just inform them that the permissions is not causing the website to work as expected
 
You raise a valid point about informing users, but the challenge is identifying the right moment to do so. In many cases, users might not seek help before making changes or might involve a third party who lacks direct communication with us.

Given this, having a system-level restriction or safeguard could help prevent issues before they arise. While educating users is important, it might not always be sufficient to avoid these problems.
 
My customers never have this issue. It’s common sense for a human not to touch that which he does not understand
 
Rexvolkov said:
Yes that would be good idea to implement. But telling to the customer to not touch permissions should be sufficient. just inform them that the permissions is not causing the website to work as expected
Click to expand...
No, it is not. The can also weaken the security of their site by giving 777 permission everywhere.
 
Unfortunately, at this point there is no option to limit the users performing permission changes via the File Manager. It seems like a valid request to me knowing that sometimes users indeed are performing changes carelessly without knowing the actual consequences and vulnerability threats. @carini I would like to encourage you to create a new UserVoice request and everyone else who wants to see this feature integrated to vote for it.
 
You must log in or register to reply here.

Similar threads

F
Issue New FTP user becomes owner of all files of the webspace
2
Replies
21
Views
5K
Felix
F
I
Question Permission for Plesk ssh User
Replies
1
Views
2K
scsa20
scsa20
A
Question FTP users can still delete files they don't have permissions for?
Replies
2
Views
1K
awfy4
A
WebHostingAce
Input Magento 2 | Plesk | Varnish Setup in a Docker
Replies
1
Views
6K
WebHostingAce
WebHostingAce
Christoph Farnleitner
File owner in subscription is unequal to sys user (actual file owner-name is set to a FTP-user name)
Replies
2
Views
2K
Christoph Farnleitner
Christoph Farnleitner
Back
Top