FTP security


Hey everyone. I’m still new to web hosting and I would like to know if ftp is separate form the rest of the site? In other words, when I upload files to, for example, cherry.dreamhost.com, I see a list of folders/files and the root/home directory. I do not see it in this format /home/username. I just see the root directory of the domain. My concern is that when I upload the files online, can the public access the files under the full URL such as username.com/ftp folder? Sorry if it is a little confusing. I’m just trying to differentiate between ftp and the actual website storage spaces and what is available for public view. Thanks.


Barring unusual configurations, only the contents of web directories (e.g, “yoursite.example.com”) are publicly accessible online.


I’ll be glad to clear things up! Indeed, you would not see the /home/username format. When you’re connected to your server via cherry.dreamhost.com, you are already inside the /home/username directory. In that user directory lies your site directory, usually named yourdomain.com (for example). Only the files inside that yourdomain.com site directory are accessible to the public from a browser. Anything “outside” that directory, which would just be your user directory, cannot be accessed by anyone in a web browser. If you have files uploaded to the yourdomain.com directory that you do not want to be public, you can hide certain sub-directories using an .htaccess file with Options -Indexes in it. It’s explained in some detail here: http://wiki.dreamhost.com/Modifying_directory_indexes

Cedric H
Dreamhost Staff