we are hiring someone to develop our wordpress blog but how do we give our site login info to the site developer without potentially losing control of our site (being locked out) is there a secondary developer's login that i could give them? i was told to never give my login to anyone. what do we do?
security risk - giving login info to site developers / designers (12 posts)
-
dreamHunterProductions
Posted 1 year ago # -
Rev. Voodoo
Posted 1 year ago #well, there is a level of trust that goes with hiring a developer
Don't give them your login, create another admin and give them that login...... but to develop, they need full access
-
Posted 1 year ago #thanks rev. how do i create another admin and give them that login? i kept trying to find that info but couldn't. if i give them that secondary admin login will they then be able to have full access? could they still be able to potentially lock us out?
-
Posted 1 year ago #you can either have them sign up, and then promote them to admin in users tab
or just go to users->add new and add them, set to admin
Yes, they can potentially lock you out. Of course you have full access to the back end (your hosting) so you can always get back in.
When you are hiring a dev, you want them to build you something. There's a level of trust.... you have to hand them the keys.
Just like an auto mechanic, ya gotta give them the keys to work on your car, they could change the locks while they do it......
-
Posted 1 year ago #i'm seriously so green on this whole thing that i don't really understand - but what i think you're saying is that even if we do give them full access and they were to lock us out we would still maintain full access to get back in through the back end? i don't understand what the back end means - we have the site hosted on our website i know that much. so we could get back in somehow through there?
sorry for my limited understanding and thanks so much for takng the time to help out! means alot to me.
ps i have yet to find a mechanic that i really trust ;)
-
Posted 1 year ago #wordpress is made up of a bunch of files. They are uploaded somewhere. That is your host/server. All of your files and posts are stored in your database. Also on your host/server
You pay someone for server/hosting space. godaddy, dreamhost, 1&1, bluehost, etc
the files and the database are the backend. Even if you cannot log onto your WordPress site, you can edit various things from the files and database to regain access. That is also how many problems are fixed in WP.... sometimes themes or plugins can break your WP install and make it so you can't log in. In those instances you need to do various things in the files, or the database
-
Posted 1 year ago #ok thanks. so i guess as long as we don't give them any login info for our hosting site we'll be ok. that helps alot.
-
Posted 1 year ago #ok i'm setting up the new user now. do i set it up as an administrator or editor or...
-
so i guess as long as we don't give them any login info for our hosting site we'll be ok
If it was me doing the work, I'd want full FTP access. Not only can this reduce development time (and therefore, cost) substantially, but it is also vital in case of any fatal errors or issues with plugins.
As Rev said, this boils down to trust. Before you employ any developer, you should have carried out some sort of background checks, got references etc. A professional dev isn't interested in locking anyone out of a site. They probably already have quite a few of their own sites to play with and are far more interested in doing a good job and getting paid promptly. Time spent drawing up a proper project specification and contract pays dividends all round.
do i set it up as an administrator or editor
Use the Role dropdown in the Add User page.
-
Posted 1 year ago #ok thanks. so i guess as long as we don't give them any login info for our hosting site we'll be ok. that helps alot.
as @esmi said they will probably need this access too. You may be able to add them as ftp users without needing to give full access to domain stuff, dns, etc. But you own the hosting, if someone were to lock you out, you could contact the hosting company to be let back in
administrator or editor or
admin
-
Posted 1 year ago #really...hmmm... ok. well thanks you guys. we are hiring someone we don't know at all from elance.com i hope it works out. i have no idea if i can trust them but i do know that their reputation is good on elance so hopefully that means something.
-
Make backups regularly. Good luck.
Topic Closed
This topic has been closed to new replies.
