Hi, In my tiredness when I wrote my first mail, I missed a couple of important points. We are already using proftpd. Every user must also have the right to write data into the public directory which is above all other directories. We have there /ftp/public and /ftp/users as our two directories. Configuring so that users can only access their own directory is unfortunately not possible, partly because of the need to write to the public area and partly because of the need for users to get to group directories. I've written here because I'm hoping someone else here has already solved this problem and can tell me how they did it. regards Markus On Monday 25 July 2005 20:09, Sean Conner wrote: > It was thus said that the Great Markus Mayer once stated: > > Hi all, > > > > I have a problem at the moment which has certainly been solved elsewhere, > > however I don't find an answer using google. > > [ ... ] > > > If, for example, user143 comes in using ftp and knows that inside group86 > > there is a document called group86/authorised/secure_document.pdf, they > > can get to that document even if there is a .htaccess file in authorised > > protecting access through apache. This applies to all other users too. > > Of course this is unacceptable. > > This is really an FTP problem, not an Apache problem. You'll need to see > if you can configure your FTP server to restrict user access to just their > own directory. I know ProFTPd can do this (since I use ProFTPd in this > capacity) and I think it can also do LDAP authentication (don't know for > sure, since I don't use LDAP for authentication). > > ProFTPd's configuration file has a similar feel to Apache's so it should > be pretty easy to work with if you are used to Apache. You can check it > out at <http://www.proftpd.org/>. > > -spc (In fact, I use the same .htpasswd file for both Apache and > ProFTPd for some of my sites ... ) > > > > > --------------------------------------------------------------------- > The official User-To-User support forum of the Apache HTTP Server Project. > See <URL:http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx > " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx