• We value your experience with Plesk during 2024
    Plesk strives to perform even better in 2025. To help us improve further, please answer a few questions about your experience with Plesk Obsidian 2024.
    Please take this short survey:

    https://pt-research.typeform.com/to/AmZvSXkx
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Question Limit user power to change file and permission

carini

Basic Pleskian
Server operating system version
Ubuntu 22.04.4 LTS
Plesk version and microupdate number
Plesk Obsidian v18.0.63_build1800240825.09
Good morning,

We are frequently encountering problems where users are making unauthorized changes to permissions on their sub-domains, leading to broken sites. It seems some users, lacking proper sysadmin skills, are making changes and then blaming us when things go wrong.

Is possible to implement restrictions to prevent users from changing permissions or creating files and directories outside the webroot?

Screenshot 2024-08-28 at 19.51.58.png
 
Some users start fiddling with file permissions when their website doesn't work as expected. Plesk might want to implement this.
 
Yes that would be good idea to implement. But telling to the customer to not touch permissions should be sufficient. just inform them that the permissions is not causing the website to work as expected
 
You raise a valid point about informing users, but the challenge is identifying the right moment to do so. In many cases, users might not seek help before making changes or might involve a third party who lacks direct communication with us.

Given this, having a system-level restriction or safeguard could help prevent issues before they arise. While educating users is important, it might not always be sufficient to avoid these problems.
 
My customers never have this issue. It’s common sense for a human not to touch that which he does not understand
 
Yes that would be good idea to implement. But telling to the customer to not touch permissions should be sufficient. just inform them that the permissions is not causing the website to work as expected
No, it is not. The can also weaken the security of their site by giving 777 permission everywhere.
 
Unfortunately, at this point there is no option to limit the users performing permission changes via the File Manager. It seems like a valid request to me knowing that sometimes users indeed are performing changes carelessly without knowing the actual consequences and vulnerability threats. @carini I would like to encourage you to create a new UserVoice request and everyone else who wants to see this feature integrated to vote for it.
 
Back
Top