The Daily Blog
2009
Jul
7

Web hosting security

Imagine for a moment  that you’ve hired a plumber to install a new bath for you. When it came to paying them, you would probably write them a cheque or pay in cash. What you certainly wouldn’t do is give them your debit card and PIN and tell them to help themselves at a cashpoint.

Yet we’re often contacted by customers who have had a disagreement with their website designers or ex-employees and are embroiled in a bitter dispute as they’ve lost control of their services and ownership of their domain names after handing over all their personal details (include their credit card details) and usernames, passwords etc.

Here’s a few hints and tips to help you avoid situations like this:

Website Designers only need your FTP details
If you are hiring a third-party designer to build your site for you,  all they’ll need is the login details for your website (also known as the FTP details). This is to allow them to connect to your webspace and upload/download files. These details are found in the ‘Hosting’ section of your Control Panel and we have a Knowledge Base Article showing you how to access this page.

You should never give your designers the username and password for your Daily Control Panel. These would not only give them access to the hosting, but also all your personal details, payment details, other domain names etc. Someone with level of access could easily transfer your domain names away altogether!

Make sure domain names are registered to you!
All domain names have a legal registrant. This is very important because this shows who actually owns the domain, no matter what company is looking after it or who paid for it initially.

If someone else is registering a domain name on your behalf (not uncommon when hiring a designer to build your site), we strongly urge you to make sure that they’ll be registering the domain in your name and not their own. Otherwise, you could find you have problems transferring the domain name (if all the automated requests are going somewhere else) and in the event of a dispute you’ll find you’ve little to no claim to that domain if you’re not down as the legal registrant.

Keep your login details secure
We understand that in certain limited cases you need to share your Daily Control Panel login details with other people, for example a trusted partner in your company.  In this case, we advise that if you ever do have any changes of staff then you immediately update your passwords and security question (all easy to do in the ‘My Account’ section of your Control Panel). It is not unknown for a disgruntled ex-employee from a customer’s company to log in and make  unwanted changes to services or account details.

However unthinkable a bitter dispute might sound now, it’s a lot easier to take some basic precautions than to try to unpick the mess if you don’t and things go sour.

Share and Enjoy:
  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google Bookmarks
  • Technorati
  • email
  • Fark
  • Furl
  • Live
  • Ma.gnolia
  • Pownce
  • Reddit
  • StumbleUpon
  • TwitThis
By Ray | Posted in Hints & Tips
Post a comment or leave a trackback: Trackback URL.

Post a Comment

Your email is never published nor shared. Required fields are marked *

*
*
All prices exclude 17.5% VAT unless otherwise stated. All registered trademarks acknowledged.