Developer Woes
-
Hi,
We would greatly appreciate your advice on this matter.
Recently we contracted a freelance web-based worker to work on our WordPress website. We required them to fix some issues with the site that included a change to menu functionality, content and layout.
While in discussions about taking the job, we found the worker very competent and we trusted them enough to create a new admin user account on our WordPress site. We provided them the DB password.
Immediately following proving the the WP-login the developer also requested Cpanel password, and while we would usually be reluctant to provide this, because it also provides access to email accounts, this was a new site and we had no issue with providing the Cpanel info. The developer then also requested FTP login info, and we provided that.
We provided the developer this access before agreeing terms with them to do the work and the purpose of this was to provide them a transparent view of what we already had so they best provide us with a quote and timeframe for the work.
We agreed terms and contracted the freelancer to work with us (a 2-3 day job). 24 hours into the job the freelancer requested the website’s main wp-admin user accont login info. We wanted to know why and they said that this provided them access to “the folder” we asked what folders and got not reply, we pressed for an answer and were told that this login info allowed the contractor to edit the css and page templates, however it is our understanding this can be done from the Themes editor panel under any site admin user, which they were.
We resisted providing this login info, our concern was that the main wp-admin user account could be used to delete and reset other users and would hand over complete control of our site. Again, we pressed the contractor for why they needed this logon and they would not answer us clearly merely repeating the need to access css and templet file… they eventually withdrew from the contract.
This caused us considerable problems because we had negotiated the job over a few days and we were working to a deadline, we had rejected other contractors in favour of the contractor we’d chosen and the breakdown has impacted on us in terms of the completion of the work and our ability to contract other developers.
To be clear this is our website, we are not a service provider.
While WordPress may be a great software we feel we are always vulnerable when hiring developer services, especially when it comes down to what level of access to provide them as different developers will request different access. A developer/programmer needs to be able to do their work and there is no point in us preventing them from doing it because of bad information or bad experiences. This leads us to our inevitable question…
1. What does a developer need access to? And
2. What is the best way to set up developer access.We feel providing them a wp-admin User access to the site and database password should be enough. There are plugins for WP that would allow a user to download site files if the wanted or needed to.
3. So why the Cpanel and wp-admin site owner login details?
I appreciate your help on this because it help us contract work better when we are informed about what we need.
- The topic ‘Developer Woes’ is closed to new replies.