Allowing third party access to control panel


#1

I have a developer that is going to install some scripts and a mysql database to add new functionality to my site.

He says that he needs access to the CPanel, I’m assuming he means my dreamhost control panel. This seems like a HUGE security risk.

Is there a way to allow him limited access to get his work done but not get into my account info, etc?

It seems FTP/Telnet is not something he wants to use because the CPanel will be easier.

I believe he is trustworthy from the reviews I have read, but I do not know him personally.

Any tips on how to work with third-party developers would be greatly appreciated!


#2

[quote]This seems like a HUGE security risk.

[/quote]

Agreed. The DH panel doesn’t allow secure restrictions to sub-users IME.

[quote]Is there a way to allow him limited access to get his work done but not
get into my account info, etc?

[/quote]

None other than FTP/shell, to my knowledge.

[quote]It seems FTP/Telnet is not something he wants to use because the CPanel will be easier.

[/quote]

I know of nothing possible on FTP/shell but easier on the Panel.

And beware of giving him even FTP/shell - by default he’ll have access to /all/ your files, not just that site’s.


#3

The little voice in the back of your head is speaking loud and clear and you should listen to it.

First of all, Dreamhost doesn’t have CPanel, so you should check with your developer to see if he can do the installs without it.

A solution you could consider is creating a new FTP user that has access ONLY to a new subdomain you would create. Similarly, you would create a new MySQL database with a user/password that is good ONLY for that db.

Once all the installs are done, you can remap the directory to wherever in your site you want.

I think this would work.


#4

give him ftp access but limit his directory space to like /thisarea/


#5

Our web panel does allow you to offer restricted access to specific parts of your account via Account Privileges, which can be found here:

https://panel.dreamhost.com/index.cgi?tree=home.access&

I don’t know if it will do what you need as you didn’t provide much detail (I think because your designer didn’t provide you with much).

To use this, you would have the designer set up an additional web ID on this page:
https://panel.dreamhost.com/id/

And then you could open up access to domains, users, databases, etc. to the new ID he sets up.

  • Dallas
  • DreamHost Head Honcho/Founder