SFTP users can view server files and folders by simply changing the path to ‘/’. How can this be avoided?
SFTP means FTP access over SSH.
You will have to chroot the individual users in order to prevent them from viewing files outside their chroot jail.
Normal FTP access has chroot isolation at the ftp daemon level.