access to wordpress by hosting company

  • Resolved BillTheLizard

    (@billthelizard)


    7 years, 9 months ago

    hi, i have a client who’s wordpress is hosted at godaddy, but their email is hosted at gmail.com. recently was trying to resolve why my client was no longer receiving contact form emails, only to discover there were issues if godaddy was not also hosting the email accounts.

    while talking with godaddy support, they said they were checking the configuration for the plugin (fs forms) – including using it to send a test email- and a couple of other items. they would only have been able to do this if they were logged in, but i had not given them the password for the wp admin account.

    later, due to a timeout, the password got saved incorrectly, and my client was unable to tell what they had changed it to. again on the phone with godaddy, they were able to provide me with a temporary wordpress password for the admin account.

    is it usual/standard/normal for the hosting company to have direct access into a wordpress install?

Viewing 6 replies - 1 through 6 (of 6 total)
  • Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    They have the server so they have access to your system. It’s not unusual. If you don’t want them to help that way, ask them not to.

    Thread Starter BillTheLizard

    (@billthelizard)

    i don’t quite understand. i know godaddy has access to the server, but if having access to a web server gives someone the ability to log into the wordpress admin account backend without credentials, then anybody who hacks a shared server could get at any wordpress installs on that machine. how can that be acceptable?

    Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    You’re confusing someone with administrative level access with a “regular” user.

    Thread Starter BillTheLizard

    (@billthelizard)

    are you saying that if i am an admin on a web server, then i can get into wordpress admin accounts on any wordpress installation running on that machine? or, at least, i can get far enough to change the password for a wordpress admin account?

    Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    Yes, and it’s a GOOD thing.

    Thread Starter BillTheLizard

    (@billthelizard)

    in this case it was, but given the seemingly relative ease with which hackers gain root access on shared servers, i find this a little scary.

    anyway, as i mentioned in my other thread, i don’t normally do much with wordpress other than help modify page templates, and other small display issues. i’m going to recommend to the owner of this site that they get help from someone who has wordpress and wp security as one of their main areas of expertise.

    tx for the info.

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘access to wordpress by hosting company’ is closed to new replies.