How to share hosting details, FTP, and other sensitive data securely?
FTP stands for File Transfer Protocol. You will need to give out the data to your developer when there are some changes to be made. They will have access to the files when you send them the data. These are sensitive information that you need to protect. If the information goes in the wrong hand, they could also take control of your website and hosting. Therefore, you will need to make sure that you transfer all your data securely. We are going to see the exact procedure to send your data such as hosting details, FTP details, etc more securely.
Here are all the major steps that you need to take to share the data privately.
The Difference between Hosting and cPanel
Well, the first thing that you need to know is the difference between hosting and the cPanel. At first, you will have the hosting details. The next is the cPanel details. One can manage all the billings and other hosting products from the hosting provider. However, one can only manage a particular hosting account with the cPanel.
In other words, with cPanel, the person will not be able to access the billing section. Also, it is possible to change the password of the cPanel account from the hosting panel.
So, the bottom line is that you should always give the cPanel password (if needed) to the developer and not the hosting account details. Therefore, even if the developer tries to scam you, you can still change the cPanel password from your hosting account.
Usually, here the main things that you need to share will include the URL, username, and password. The URLs are different for each of the hosting panel. You can get all of these details from the hosting panel.
Before you directly email the details, make sure you read the complete article before you give them the details.
The WordPress/CMS Panel
Now, the next thing you need to know is the WordPress admin panel. If you are using a CMS such as WordPress, you won’t even have to give the cPanel details. Almost half of the work can be directly done using the WordPress dashboard. So, you can ask your developer whether they will need the hosting details or they can do the same thing from WordPress/CMS panel itself.
In such cases, you can share the WordPress panel details and not the hosting details. In most cases, it will work like a charm.
If you give out WordPress details instead do hosting details, you will have to worry less about the other things. In simpler words, the person won’t have access to all of your websites. Also, there are no major changes that they will be able to make if you only give them WordPress details. So, this can be one of the ways that you can go with it.
So, don’t forget to ask your developers if they do it directly with the WordPress panel or they will need the main access.
Most of you might already be knowing about it. If not, FTP details are using which the developer can upload the files and modify the existing files.
It usually consists of a hostname, username, and password. Along with this, you will also have to give the port number too. The port number is common. So, that’s not an issue in most cases.
The FTP details are sensitive and you shouldn’t give out to anyone. You can further use SFTP for more security. The S stands for security here.
With the FTP details, the developer can open your file manager. If you have more than one website, they will be able to access all of them easily. To make these things easier and secure, you can create an FTP account.
The cPanel allows you to create different FTP users depending on the directory. In simpler words, you can create an account that will link tp a specific category only. Talking about the account, we are here with the next point that you should keep in mind. That is related to account but applies everywhere and not just on the FTP account. This will help you in sharing the details with better security.
Create Temporary User and Password
Most people make the mistake of giving out the original cPanel password. Now, let’s just admit that most of us will be using the same or similar type of password in many other places too. Therefore, you have a chance to get a compromise.
So, if you are using your custom password for cPanel, you can change it and create a temporary password that you will change later on. You don’t need to change the password if you are using an auto-generated password.
Now, when the work is done, you should revert to your old password or you can change it to a new one. You must change the password so that the developer or the person won’t have access to the cPanel afterward. So, these small steps will help you in securing your website from attackers.
Now, let’s talk about FTP and other details. If you want to share the FTP details, you can surely create another FTP account in your cPanel. Make sure you only allow the new account to access a particular directory. This directory should be the directory of the website where the developer will make the changes.
In this way, they won’t be able to access any other websites hosted on your server. That’s exactly what you want, right?
Please note that if the developer needs to update the database then they might need cPanel access and they can’t directly make the changes from the FTP. With that being said, the next thing that you should keep in mind is security while sharing the password and the other details. You need to maintain security while you are sharing the details.
Sharing Sensitive Details Securely using 1ty.me
“Let me email my hosting and FTP details to my developer”, this is the worst idea that might come to your mind.
You can’t directly email sensitive information.
- Emails are easily hackable. One can easily intercept the email and find out the details. You will need to find a more secure way to send the data.
- Developers can access the email anytime they want. This might simply give them access anytime.
Hence, you will need to go with a more secure way of sharing sensitive information. Luckily, you can use 1ty.me for sharing sensitive information.
1ty.me is a service that allows you to share notes with one-time self-destruction features. In simpler words, you can share the information with the target person and the note will automatically be deleted after they view it once.
The advantage is that here you don’t need to worry about any middle man attack. Your data is safe. It won’t be stored on any servers. Once the link is opened, it will automatically get destroyed after closing the link. So, sensitive information is safe here.
Let’s have a look at the steps and how you can share sensitive information with 1ty.me. The steps are easy and it won’t even take more time to share the details. It’s a three steps process using which you can share the sensitive details easily. We will be seeing the three steps as well as we will see some of the extra details that you need to keep in mind. This will help you in making secure sharing. There are some of the small features that you can use. We will be discussing that along with the steps. So, let’s get into the steps to share sensitive information securely.
Steps to Share Sensitive Information with 1ty.me
You will first have to visit the website 1ty.me. It is a responsive website so you can even open it on your mobile phone. The first step will be to open the website. Now, you can copy the details from your original website.
Here are the three steps that you can follow thereafter.
1. Write the sensitive information in the space given in the website. You can write down all the details. Click on the Generate link button given. It will generate a link that can be shared with anyone.
2. You can now email the link or simply IM your developer. You can use any means of communication to send the link.
3. When they open the link, they will see the complete information and the details that you shared. The good thing is that it will only be visible until the time the link is opened. No one will be able to open the link again and the data will be destroyed.
The data isn’t even saved on the website’s server. So, there is no possible way to recover the data. Once you send the link, the data is gone. No one will be able to view the data (not even you or the website owner).
Now, you probably might be wondering if there was a way to find out when the note was opened, right? For that, you can click on the “Notify me” button on the bottom. It will ask you for your email address and you will also have to name your note. When you enter your email address, you will get an email when the link is opened. You can set a custom name for the note. For example, you can writ eh website name to identify the note.
Should you Share the Hosting Details?
Well, the last question that you probably have in your mind is whether you should share the hosting details or not. Well, you will need to share the details at one point. Today, most of the development will need access to the files as well as to the database. So, you will have no other option but to give it. Therefore, you will need to give the email, password, and other hosting details.
However, you need to make sure that you share it with 1ty.me and you also need to make sure that you have created a new temporary password. There won’t be an option for a temporary password. You just need to create a password and then change it later on.
You can always create an FTP account with the developer’s name. When the work is completed, you can simply delete the FTP account. the same applies to WordPress.
Further, you can use a log file to check what are they doing. You can set up a log file where you can see the details about what the user has done on the website. Some of the hosting panels allow you to do it directly. This can be very useful and you can know what are they doing.
That’s the reason why you should go with trusted and reliable developers. You won’t have to worry about your details getting compromised. You will be safe and you will know that they won’t make unnecessary changes.
If you are trying out a new developer, make sure you follow all the above-given things.
To conclude, this was all about how to share sensitive information such as hosting details or FTP details to anyone in the most secure way. You should be using the same technique to share the details. In this way, your data will be safe.
If you are using WordPress or other CMS, you can go with the maintenance service. They will usually take care of all the things. So, the bottom line is that you will not have to worry about anything as you don’t have to give the hosting details to anyone. Also, they will do small updates for you. This is useful for non-technical people.
If someone tried to change the password of your cPanel, you can surely revert it from your hosting panel. If they made some major changes, you can always contact your hosting support team. They will help you out.