third party access to ftp and database?

  • jkember1982

    (@jkember1982)


    10 years, 1 month ago

    Hi anyone that can help.

    My clients website is hosted via my 1&1 package, they are looking to work with a thirdparty agency who have an api they would like to link the site up to, which is all fine but the TP has asked for FTP details to the site, again fine (and i have explained the sucurity measures behind this) which again they are fine with and trust this TP.

    They have also asked for access to the DB, which I can’t necessarily give them as all my other clients DB’s are in the same space.

    However should I give the the DATABASE info:

    • Database name
    • Host name
    • Port
    • User name
    • Password

    and if so what are the risks i would face if i do? I’m assuming its not normally good practice to go giving all this info out?

    They could essentially have access to the DB and FTP so could change the info within wp-config file and create a new database? What would happen if they do this? As they wouldnt be able to change where the domain is pointed to, which is all controlled with my hosting (which they dont have acces to)

    Sorry for all the questions, this kind of thing is all a bit beyond my level of knowledge.

Viewing 1 replies (of 1 total)
  • Mark Ratledge

    (@songdogtech)

    10 years, 1 month ago

    Giving access is really entirely up to you. Have them sign an NDA and talk to your lawyer.

    And the amount of access they have via PHPMyAdmin at 1&1 depends on what user permissions 1&1 gives to database users, i.e., if users can create new databases, etc. And you should be able to restrict an FTP user to one directory, but that also depends on 1&1. Ask them.

Viewing 1 replies (of 1 total)

The topic ‘third party access to ftp and database?’ is closed to new replies.