: How to Safely Share Access with Freelance web developers I have a running website developed in Magento CMS and hosted in AWS EC2. I just recently hired a freelance web developer located overseas
I have a running website developed in Magento CMS and hosted in AWS EC2. I just recently hired a freelance web developer located overseas to revamp my website (design, features,etc).
I have no background in web development so pardon my basic questions.
The freelancer asks for all the data of my website. I know I have to share some access but I really need guidance on what and how much to share.
I asked a friend to create a login credentials to access my server using SFTP in filezilla. The freelancer can now access and download all files under var/www/magento. I thought this is enough but now the freelancer is asking for database. I am not sure how to get him this or if I even need to share him this.
Should I share access to magento admin panel? How do I share the database of my website?
Should I create another user in AWS IAM? If yes, what will this be used for and what is the right permission level?
Thank you so much in advance.
More posts by @Radia820
1 Comments
Sorted by latest first Latest Oldest Best
You have already created a new SFTP account with restricted directory access, which is one of the precautions to consider.
If you are worried about the freelancer guy tampering your database, that still can be done with only FTP access. As he can access your Magento installation directory, he can get your database credentials and use those in a PHP script to tamper database, if he really wanted to do that.
You can keep an eye on him by checking FTP transfer log and Apache access log.
About Magento admin panel, there are certain cases where it is really necessary to access admin panel to test the new code changes. In some cases, creating a different admin user with restricted permissions would also help. I think there are plugins for that.
And about sharing database access, the permission level depends upon what type of work he is doing. If he want to create a new table then you need to provide him a database access with table creation permissions.
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.