cPanel File Manager and Secure FTP/SFTP Access

You have two clean ways to manage website files: - File Manager inside cPanel (fast, convenient) - FTPS or SFTP with a client like FileZilla (best for bulk uploads)

This guide covers both and the security rules that keep accounts safe.

---

Part A: Using cPanel File Manager

Open File Manager

1. Log in to cPanel.
2. Open File Manager.

Understand the key folders

• public_html/ is the main website root for your primary domain.
• Addon domains and subdomains may have their own document roots.

If you cannot find your site files

Check cPanel Domains and confirm the document root for the domain you are editing.

Upload and extract files

1. Go to public_html/ (or the correct document root).
2. Click Upload.
3. Upload your files.
4. If you uploaded an archive (.zip), select it and click Extract.

Edit files safely

• Use Edit for small changes
• For bigger edits, download, edit locally, then upload back

Avoid editing critical configs blindly

A broken .htaccess or wp-config.php can take the site down instantly. Make a backup copy before changes.

---

Part B: Create an FTP account (recommended for teams)

1. In cPanel, open FTP Accounts.
2. Create a new account with: - A strong password - A restricted directory (best practice)

Restriction strategy: - If the user only needs access to one website, point the directory to that site’s document root. - Do not give full home directory access unless necessary.

---

Part C: Choose the right protocol (FTP vs FTPS vs SFTP)

Here’s the honest truth:

• FTP: not secure. Avoid.
• FTPS: FTP with TLS encryption. Good option on shared hosting.
• SFTP: uses SSH. Clean and secure. Requires SSH access on your plan.

Use FTPS or SFTP whenever possible.

---

Part D: Connect with FileZilla (FTPS or SFTP)

FTPS (Explicit TLS)

• Host: your domain or server hostname
• Protocol: FTP
• Encryption: Require explicit FTP over TLS
• Port: 21
• Logon type: Normal
• Username/password: your FTP credentials

SFTP (SSH File Transfer Protocol)

• Host: your domain or server hostname
• Protocol: SFTP
• Port: 22
• Username/password: your SSH credentials

Which hostname should I use?

If you are unsure, use the server hostname or the primary domain. If TLS complains about hostname mismatch, contact support for the correct endpoint.

---

Part E: File permissions (the safe defaults)

Bad permissions cause hacks and outages. Keep it boring.

Typical safe defaults: - Files: 644 - Folders: 755

Avoid: - 777 (world writable). This is a security smell.

---

Optional: SSH keys for SFTP (if SSH is enabled)

1. In cPanel, open SSH Access.
2. Go to Manage SSH Keys.
3. Generate a new key or import your public key.
4. Authorize the key.
5. Connect with your SFTP client using the private key.

---

Troubleshooting

“Permission denied” when uploading or editing

Usually: - Wrong folder - Wrong permissions

Fix: - Confirm document root in Domains - Use permissions 644 files, 755 folders

FTP connects but directory is empty

Usually: - FTP account is restricted to a different folder

Fix: - Edit the FTP account and set the correct directory

FTPS certificate warning in FileZilla

This can happen if the hostname does not match the certificate name.

Fix: - Use the hostname recommended by support - Accept and store the certificate only if you recognize the server

SFTP fails to connect

Usually: - SSH not enabled for the account/plan - Firewall blocks port 22

Fix: - Confirm SSH availability in the Client Area or with support

---

Summary

• Use File Manager for quick edits
• Use FTPS or SFTP for secure transfers and bulk uploads
• Keep permissions sane: 644 files, 755 folders
• Restrict FTP accounts to the minimum required directory