technical noob question: when you provide hosting login for outsourced site builders

P

paulseowork

New member
Nov 15, 2011
29
1
0
When you order site designs or even a complete site from a service provider, they need hosting login to load the site.

Are you just supposed to provide them with cpanel logins?

Isn't this a security risk if you have other sites on that IP? They can insert scripts into other sites and you wouldn't notice, not to mention they can ID your adsense codes and niches. Or they could also install random cron jobs, mail jobs, or a million other things. It would be a pain to check for all of these.

Is there someone way to limit this from normal shared hosting (i.e. like hostgator or something, no admin/ssh privileges, just cpanel).

Am I being paranoid, or do people just provide logins and not worry about this?
 


get a reputable service provider that should solve most of your problems

you can give them reseller options I think and limit what they have access to on that server but you should call your host and ask them I am sure they can help
 
rockstar45177 said:
get a reputable service provider that should solve most of your problems

you can give them reseller options I think and limit what they have access to on that server but you should call your host and ask them I am sure they can help
Click to expand...

Thanks, the reseller option sounds like a simple idea that would work.
 
A lot of time all they need is FTP / DB information, not direct access to control panel. After they install for you, you can change the pw on FTP. Still leaves the DB vulnerable tho.

In reality if you have not vetted the person enough to trust them you should probably go with somebody else, or ask more questions.
 
setup an FTP account that only gives them access to the directory that you are pointing that domain tool. Follow the minimum access needed rule to protect yourself
 
Clone the directory onto a wamp, load it up onto a shitty laptop, and worst comes to worst they just hacked your porn computer. If they do a good job, just upload the new site from wamp to the server.
 
rockstar45177 said:
get a reputable service provider that should solve most of your problems
Click to expand...

That's #1. With huge site overhauls and stuff, I would only trust a reputable service provider. Not only would they be less likely to have any interest in screwing you, they don't want their current rep to go down the drain.
 
You must log in or register to reply here.
Top Bottom