Knowledgebase
Is it secure to provide CMS2CMS with access details for my website or server?
Posted by Olena Kerentseva on 28 November 2014 02:35 PM
CMS2CMS support technicians may require access to a website, web server and database in order to investigate issues or fix the reported problems. We completely realize that this kind of access information is highly confidential, and is best kept private. With this in mind, we ask for access credentials to your website only when it is absolutely indispensable. We have taken every precaution to ensure that our systems which deal with access information are highly secure and reliable. Still, there are additional precautions that we recommend our clients to take before providing us with access details. In all cases when access to a website is requested, we will make it clear to you exactly what kind of access is needed, and for what reason.

Brief summary

  1. When providing a technician with your website access credentials, it is best to change the password of admin account being provided temporarily while the issue is being resolved by us.
  2. Once your issue has been fixed, you should change the passwords of all provided accounts as soon as possible.
  3. In all cases where access to your website is needed, the technician will explain to you what kind of access is necessary.

Access to your website

Depending on the task which needs to be performed, a CMS2CMS technician may require access to your website. We strongly recommend you to change the password of Admin/FTP accounts being provided with a random password for CMS2CMS support duration period of investigation, with only the essential permissions to your website.
  • Change the existing password of user/staff account with a random and complex password.
  • Right after your issue has been fixed, change the passwords to all provided accounts.

Access to a website administrator account

More often than not, we will require access to an administrator account on your website. Follow the steps outlined in the Access to your website section of this article.

Access to an FTP or SSH account

In order to investigate the problems, CMS2CMS support may require access to the files of your website. Follow the steps outlined in the Access to your website section of this article. Make sure that this account is a user-level account that has access to the directory where your CMS software is installed, unless our technician specifically requests an unrestricted access account (see below).

'Root' (unrestricted access) to your server

If a technician asks for 'root access' to your server (a root account with unrestricted permissions), please do not be alarmed. Only in the rarest of cases will we ask for this type of access - i.e. when our ability to diagnose and resolve your issue absolutely requires it (such as generating or monitoring server logs, or making server configuration changes). When providing us with root/unrestricted access to your server, it is imperative that you follow the temporary account creation steps outlined in the Access to your website section of this article.

Firewalls and IP based authentication

If your systems use or are protected by IP address authentication (e.g. if you have a firewall), please let us know about this and we will provide you with the list of our office IP addresses to allow through.
(0 vote(s))
Helpful
Not helpful

Comments (0)
Post a new comment
 
 
Full Name:
Email:
Comments:
CAPTCHA Verification 
 
Please enter the text you see in the image into the textbox below (we use this to prevent automated submissions).