Sorry for posing here, but i could not find a suitable section.

I am a bit worried about my private data from projects on the internet.
I will just explain my worries.

In cpanel I have file manager, from file manager I select a folder
then a file, I set the permissions on that file to user only, read and write.

Now I thought that Only myself, or my php scripts could access the content of that

But I navigated to the page (public url address of the file) from another locationout
of chance, and to my horror, the whole content of any file that is not php (text, dat etcetera)
Is publicly visable.

My question is, Is this normal? am I wrong to thing they would be private.

I really thought I have access when logged into cpanel, but no-where else.

Please advise if you have any knowledge of this.

Thank you for reading.

No, it's not normal. But cPanel has a snag. Perhaps you added the user/pass combination, but forgot to check the box "protect this folder".

I never used any passwords, the file should not be visible to world, and should serve a "you do not have permission" type page.

I've since tried it on another host and it acted just as I thought it should.

I'm just working around the issue now until I find another host.
I don't like being told a pack of lies and nonsense from someone who I'm paying.

Thanks for reply.