This guide explains how to manage user access and permissions in cPanel. You will learn how to create and control access for FTP users, Web Disk users, database users, and cPanel logins, as well as how to secure access with two-factor authentication and directory protection.
- Understanding User Types in cPanel
cPanel uses several different user types, each with its own purpose:
- cPanel Account User
Full access to the entire hosting account. - FTP Users
Access to specific folders for file uploads and management. - Web Disk Users
Desktop-style access to selected directories via WebDAV. - Database Users
Access to specific MySQL databases. - Email Users
Access to their own mailbox only.
Each user type has its own permissions and is managed separately.
- Managing cPanel Account Access
The main cPanel login has full control over the hosting environment.
To secure this access:
Change the cPanel Password
- Log in to cPanel.
- Click your username in the top-right corner.
- Select Password & Security.
- Enter a new password and save.
Enable Two-Factor Authentication
- Go to Security > Two-Factor Authentication.
- Click Set Up Two-Factor Authentication.
- Scan the QR code with an authenticator app.
- Enter the verification code.
This adds an extra layer of protection to your account.
- Managing FTP User Permissions
FTP users can be restricted to specific directories.
To create or edit an FTP user:
- Go to Files > FTP Accounts.
- Create a new user or edit an existing one.
- Set the Directory the user should access.
- Choose a Quota if needed.
FTP users cannot access areas outside their assigned directory.
- Managing Web Disk User Permissions
Web Disk users function similarly to FTP users but use WebDAV.
To manage Web Disk access:
- Go to Files > Web Disk.
- Create or edit a user.
- Set the Directory and Permissions (Read-Write or Read-Only).
This is ideal for users who prefer a mapped drive on their computer.
- Managing Database User Permissions
Database users control access to MySQL databases.
To manage database users:
- Go to Databases > MySQL Databases.
- Create a user or select an existing one.
- Assign the user to a database.
- Choose the permissions:
- All Privileges for full access
- Or select specific privileges for restricted access
Database users cannot access files or other parts of the hosting account.
- Managing Email Account Access
Email users only have access to their own mailbox.
To manage email users:
- Go to Email > Email Accounts.
- Create or edit an account.
- Set a password and storage quota.
Email users cannot log in to cPanel or access files or databases.
- Protecting Directories With Passwords
You can restrict access to specific folders on your website.
- Go to Security > Directory Privacy.
- Select the folder you want to protect.
- Enable password protection.
- Create a username and password.
Visitors will be prompted to log in before accessing the protected directory.
- Using IP Blocker to Control Access
You can block specific IP addresses from accessing your site or cPanel.
- Go to Security > IP Blocker.
- Enter the IP address or range.
- Click Add.
This is useful for blocking suspicious activity or repeated login attempts.
- Best Practices for Managing Permissions
- Use separate users for FTP, Web Disk, and databases instead of sharing credentials.
- Give users only the access they need.
- Enable 2FA on the main cPanel account.
- Use strong, unique passwords for all user types.
- Review user accounts regularly and remove any that are no longer needed.
- Troubleshooting Common Access Issues
User Cannot Log In
- Password may be incorrect.
- Reset the password from cPanel.
Permission Denied Errors
- The user may not have access to the correct directory or database.
- Update the directory path or privileges.
FTP or Web Disk Not Connecting
- Check the assigned directory.
- Ensure the user has the correct protocol (FTP vs WebDAV).
Database Connection Errors
- Confirm the user is assigned to the database.
- Check the host is set to localhost.
