How to Give Access to Your Developer
When granting access to your web hosting account, it’s crucial to ensure you provide the appropriate level of access to your developer while maintaining the security of your account. Here’s a comprehensive guide on how to do that safely and effectively.
Access Levels
-
Full Access (Not Recommended for Developers):
- This level includes full control over your hosting plan, billing information, and personal financial data. You should never give this access to a third-party developer. Instead, manage your customer account independently.
-
cPanel Access:
- If your developer needs extensive control over website files and databases, you can share your cPanel username and password. This allows them to manage files via cPanel or FTP and access database utilities like phpMyAdmin.
- Important: If you grant cPanel access, ensure you remove it after the work is completed.
-
FTP Access:
- You can create a dedicated FTP account for your developer. This allows them to upload, download, or edit files without granting full cPanel access.
- How to Create FTP Accounts:
- Log into your cPanel account.
- Navigate to the "FTP Accounts" section.
- Create a new FTP account with specified access to only the necessary directories.
-
Database Access:
- If your developer needs to manipulate the database, you can set up a database user in cPanel and provide them with the necessary credentials. You can allow remote database access through MySQL settings.
- Note: They won’t be able to create new databases unless you grant them that capability.
-
CMS Access:
- If your developer is working solely on a content management system (like WordPress), provide them with CMS-specific credentials (e.g., a WordPress user account). This allows them to make changes without access to the server or files.
-
Limited Access:
- If you don’t fully trust the developer, you can ask them to send you files and instructions instead of granting direct access. This way, you maintain control over what is uploaded to your website.
After the Work is Done
Once your developer has completed their tasks, remember to revoke their access to maintain security:
-
Change cPanel Password:
- This will also change the FTP password, ensuring that no one retains access to your files.
-
Delete FTP Accounts:
- Remove any FTP accounts created for your developer.
-
Remove Remote MySQL Connections:
- If you set up remote MySQL access, delete these connections in cPanel.
-
Update Email Accounts:
- If you created any email accounts for your developer, consider deleting them or changing their passwords.
-
Review CMS User Accounts:
- If you created a user account in your CMS for the developer, either change their role to limit access or delete the account entirely.
By following these steps, you can securely provide access to your web developer while protecting your website and sensitive information.
