Locking down 1 directory...

[swish]

Hey guys,

 

So heres my "how to do it" question. lol

 

I need to lock down a folder within a game install to prevent it from being uploaded to. (the screenshot directory)

 

Is there any other way than "hiding" the folder?

If the fodler is hidden will files continue to be written in the folder (the screenshots)?

 

Im looking for the best/simple way to get around this one.

[ECF]

If you hide it, the user cannot see it at all.

[swish]

Thats my delima. There really is no need for the user to go into the folder. And i created the button in the CP for them to delete all SS's.

 

But I am just not sure if hiding the folder is the best way to go about "blocking it from allowing uploads"

[ECF]

If you hide it they can't see it in the filemanager or the FTP, so they won't know it's even there.

[swish]

Would that be your choice to accomplish what im trying to do?

 

Would files still be written into that folder if its hidden?

[swish]

Is there anyway to "modify" the ftp permissions globally?

[ECF]

Not if the servers are already setup.

[swish]

I took the easy route and just restricted the file type. Hey it works

[adamnp]

That works, but as ECF pointed out in another post some games might require that file extension, so remember that you did that should any issues arise.

 

I personally just make the folders hidden. If they have no clue its there, 95% of them won't even know.

[69Troubleman]

Bumping an old thread. I need to lock down the svss folder so that ss's are still written to it, ss's are able to be downloaded, and it's able to be seen via the FTP. How can this be accomplished as a default for all of my IP ranges?

[JasonF]

Just curious how this is locking it down? You basically want access to the svss folder which means you do not want to prevent people from viewing it.

[ECF]

Changing the windows permissions on the folder to read only may accomplish this.

[69Troubleman]

Just curious how this is locking it down? You basically want access to the svss folder which means you do not want to prevent people from viewing it.

 

I should clarify that we use the term "locked" to mean that you are unable to upload shots to the folder. You will still be able to download and view them.

 

By "locking down" the svss folder, this assures that a person can't photoshop a screenshot, upload it to the svss folder, and then submit that screenshot to an anti-cheat organization to get the player in the screenshot banned. Our ACO does not accept ss's from unlocked svss folders, thereby assuring a player can't be "framed" and thus banned.

 

Many server providers have their svss folders locked as default. I'm working with a server provider to help him set up his server's this way so we can add them to our list of approved IP's. But he's unsure of how to do this without entering each server individually, which is too time consuming.

[VicToMeyeZR]

how I did it, and it works great.... log in remote to your computer. Create a user account(with admin priviledges) stop the monitor-console.exe program. find it and right click on it, and select "run as" enter in the user details you just created. Go to your IIS and right click one of the websites created. (for the SS) and select permisions.. click on Advance > and Add.. enter in the user account name you jsut created, and add all view access, and deny all write, and take control access. What that will do is prevent tcadmin(also the FTP account) from writing to the svss folder, but still allow punkbuster (CREATED OWNER) to write to it. I haven't figuyed out how to make this the default settings yet, I tried to set the default website with the same permissions, but that hasn't worked yet.. But manually blocking them works fine for now.

[69Troubleman]

Thanks V. Much appreciated.

[DH99]

I had a trouble ticket reply that gave a line or lines to add to monitor.cfg? that basically denied ftp write to any dir named svss which worked perfectly. I came here today to search to find it again, but alas its not on the forum. Hopefully this info can be provided or this will refresh someone's memory. Most AC groups don't care about d/l or even visibility of files, just that files can't be uploaded to that directory. Thanks for anyone that can remember or dream up what the line was again.

[swish]

Just restrict it .png extension in your FTP settings in the TCA Settings

[DH99]

it was presented another way which was what i was looking for, I'll just open another ticket. There's probably 10 ways to do it, was looking for a specific one I had. Thanks though.