In some cases you want to set up an “upload only” FTP account, which allows a user to upload files, but not list directories, download or delete files. This is typically used when you want to give out the credentials for an account to multiple people so they can upload content (mp3s, videos, resumes, etc.) but not affect what others are doing.
cPanel gives you two choices of FTP server – PureFTP or ProFTP. PureFTP is simpler and smaller if you just want a quick and dirty FTP site. For more advanced configuration, ProFTP is recommended. ProFTP has a feature that is a lot like Apache’s .htaccess file, allowing you do make per-directory configurations without modifying the main config file. Any directives that can appear in a ProFTP <Directory> stanza can appear in an .ftpaccess file and will be applied to the directory in which the file resides.
First make sure you’re running ProFTP and not PureFTP – you can change this setting with no loss of information from within WHM. If you don’t have WHM access, you’ll need to ask your provider to switch FTP servers. Here’s the config for an upload-only FTP account called ‘uploadonly’ – the account will need to have been created from cPanel first. Name this file .ftpaccess and put it in the directory where you want the uploads to appear. I usually create a separate directory and apply quotas.
<Limit ALL>
DenyUser uploadonly
</Limit>
<Limit CDUP CWD XCWD XCUP>
AllowUser uploadonly
</Limit>
<Limit STOR STOU>
AllowUser uploadonly
</Limit>
This type of configuration where we deny everything, then allow only what we want is more secure than allowing everything and denying specific operations. More configuration options are shown on ProFTP’s configuration page – anything that can belong in a <Directory> stanza can go in the .ftpaccess file and avoids having to edit cPanel’s ProFTP configuration file.