How do I create an ftp user that only has access to the folder /var/www/html and wordpress? And nothing else?
What do you mean “access”? Does this user need shell access or just ftp?
as you can see there’s a few questions to provide a meaningful answer.
Need an FTP user who only accesses the folder /var/www/html this to be able to upload theme files and other for example WordPress
Forget FTP, it’s an insecure protocol. If a user needs to upload files then they should use SFTP, which is file transfer over SSH.
If you want to limit a user to only being able to access a specific directory, look at using ChrootDirectory in sshd configuration.
If you want to limit a user to only being able to transfer files and not get a shell to run commands then look at using ForceCommand in sshd configuration.
There’s umpteen guides to this sort of thing e.g. CentOS / RHEL : How to Set up SFTP to Chroot Jail only for Specific Group – The Geek Diary That guide, like all the others I can find with a very quick look, tells you put the configuration in sshd_config but if you’re using AlmaLinux 9 then it’s better to put your own configuration in a file in /etc/ssh/sshd_config.d/ (Same if AlmaLInux 8 has a version of openSSH which supports /etc/ssh/sshd_config.d/ I don’t know if it does or not.)
I don’t run unencrypted ftp. I use Let’s Encrypt SSL / TLS. When I connect with FTP
So FTPS then? I repeatedly forget that FTPS exists. I’ve never found any explanation for why anyone would go the effort of setting that up instead of using SFTP which is available by default (assuming an SSH server is running , which it almost certainly is). Out of curiosity, why are you using it?
Take a look at vsftp server config - specifically, setting it up to chroot to the home directory of the user logged in.
So you would create a web user with home directory /var/www/html and configure the vsftp server to allow that user to connect and to chroot when it does.
https://www.cyberciti.biz/tips/vsftp-chroot-users-limit-to-only-their-home-directory.html