Anonymous FTP allows users to connect to your FTP server without a username or password. This poses a significant security risk, as anyone can upload or download files without authentication. It is strongly recommended to disable anonymous FTP logins on your server.
Step 1: Log in to WHM
Open your browser and navigate to https://your-server-ip:2087. Enter your root credentials to access the WHM dashboard.
Step 2: Navigate to FTP Server Configuration
In the left-hand sidebar, go to Home » Service Configuration » FTP Server Configuration.
Step 3: Disable Anonymous Logins
Find the Allow Anonymous Logins dropdown menu. Select No to prevent anonymous users from accessing your FTP server.
Step 4: Save Changes
Click the Save button at the bottom of the page to apply the change.
Important Notes
- The FTP Server Configuration interface is only available when FTP services are enabled on your server. If you do not see this option, check WHM » Service Configuration » Service Manager to ensure FTP is enabled.
- WHM supports both Pure-FTPd and ProFTPD as FTP servers. The Allow Anonymous Logins option is available regardless of which FTP server you have selected.
- While you are on this page, consider also enabling TLS Encryption Support and setting it to Required to enforce encrypted FTP connections.
- Disabling anonymous FTP does not affect authenticated FTP access for cPanel accounts.
- You can further secure FTP access by configuring TCP Wrappers through the
/etc/hosts.allowand/etc/hosts.denyfiles.
Troubleshooting
- Cannot find FTP Server Configuration: Ensure FTP services are enabled in Service Manager. Also verify you are logged in as root — resellers do not have access to service configuration settings.
- FTP not working after changes: Check that the FTP server is running by visiting WHM » Service Manager. If issues persist, restart the FTP service.
- Users still connecting anonymously: Verify the setting was saved. Also check that no custom FTP configuration files are overriding the WHM setting.
