Results 1 to 6 of 6

Thread: Giving access to a freelancer

  1. #1
    Member Array
    Join Date
    Mar 2015
    Posts
    19
    Likes (Given)
    1
    Likes (Received)
    2

    Question Giving access to a freelancer

    Hello,
    I am facing some technical issues with my blog. I am intending to assign a freelancer to handle these issues. I found that I have to give here administrator access to the wordpress dashboard to solve the problem. I am not really very comfortable about this although I know the freelancer personally.

    What do you think about this? what you do if you need freelancer help with wordpress issue?

  2. #2
    Member Needs New Keyboard Array
    Join Date
    Mar 2015
    Location
    Beaver Falls, PA
    Posts
    740
    Likes (Given)
    17
    Likes (Received)
    92

    Default

    I have been in that situation a few times, mostly for work on my forum. You can always change the password after they finish. I think since you know the people you don't need to worry. I was picking people I didn't know off a forum for the software but did pick people who had posted a lot and who had done a lot of projects for people.
    Ray Badger, Turbo Technologies, Inc.
    www.TurboTurf.com www.IceControlSprayers.com

  3. #3
    root Array Harold Mansfield's Avatar
    Join Date
    Aug 2008
    Location
    Las Vegas
    Posts
    9,374
    Likes (Given)
    1016
    Likes (Received)
    946

    Default

    If you have a technical issue that needs to be solved and you want someone to fix it, there is no way around it. They need access. Depending on the issue they may even need access to your hosting. If you're paying by the hour it's best to give them what they need to do the job so that they can do it as quick as possible.

    Hopefully you've done your due diligence on your service provider and just as you would for any other service provider.
    You can always change any passwords or delete any user accounts they've created for themselves after they are done.

    Best case scenario is that you know how to create an accounts just for them that you can delete easily later.
    If they need FTP access, you can create a limited account that only gives them access to your specific area where the WordPress site is, and you can back up your own files and database beforehand.

    But most people don't know how to do this, and it's on the service provider to do it, which is more of a reason why they need access.
    WordPress Support WordPress Security Blog | Seeker.One
    Doing everything right doesn't guarantee success. Not trying does guarantee failure.

  4. #4
    Member Needs New Keyboard Array
    Join Date
    Aug 2008
    Posts
    4,939
    Likes (Given)
    88
    Likes (Received)
    213

    Default

    At some point, you have to trust people. Just do frequent backups of your site.

    This brings up a question which I have probably asked before: How do you keep track of files which have either been added or changed on your site?

    This could either be related to a freelancer per your question or viruses being placed on your site.

  5. #5
    Member Needs New Keyboard Array Brian Altenhofel's Avatar
    Join Date
    Sep 2012
    Location
    Oklahoma
    Posts
    900
    Likes (Given)
    109
    Likes (Received)
    180

    Default

    Quote Originally Posted by Harold Mansfield View Post
    create an accounts just for them that you can delete easily later
    This. There is rarely any instance where a freelancer (or any other developer) needs the equivalent of "superuser" access to your site or accounts. If it's a configuration issue with Wordpress, then they just need a user that allows sufficient permissions to manipulate that particular configuration. If it's a code issue, then they only need the ability to look at the code (such as a read-only FTP account if on a cheap host - you can be the one to actually do the upload after verifying that the changes work). If they need access to your hosting provider for technical information, most providers will allow you to add an authorized user that can only discuss technical information but not make any actual account changes. This is especially important for sites that handle financial data (like ecommerce).

    Quote Originally Posted by billbenson View Post
    How do you keep track of files which have either been added or changed on your site?
    If a developer isn't using version control (Git is the most popular, but Subversion, Mercurial, Bazaar, and CVS are still used by some) these days, they shouldn't be a developer.
    || VMdoh - Drupal development, consulting, and support

  6. #6
    root Array Harold Mansfield's Avatar
    Join Date
    Aug 2008
    Location
    Las Vegas
    Posts
    9,374
    Likes (Given)
    1016
    Likes (Received)
    946

    Default

    Quote Originally Posted by Brian Altenhofel View Post
    This. There is rarely any instance where a freelancer (or any other developer) needs the equivalent of "superuser" access to your site or accounts. If it's a configuration issue with Wordpress, then they just need a user that allows sufficient permissions to manipulate that particular configuration.
    They need full Admin access. If it's a network, they need Super Admin. There's no other way. Anything less is too prohibitive. Honestly if you don't trust your service provider enough to give them the access they need to fix or do what you need done, you probably shouldn't be giving them any access at all.

    Quote Originally Posted by Brian Altenhofel View Post
    If a developer isn't using version control (Git is the most popular, but Subversion, Mercurial, Bazaar, and CVS are still used by some) these days, they shouldn't be a developer.
    I don't use Git for client sites because clients don't know how to use Git. Git would be more for internal development of themes and plug ins.
    I do perform my own backups though.

    WordPress uses child themes. So if any theme changes need to be made, that's where they go so that it doesn't disrupt the main theme and you can still apply updates without changing the structure of the website. There's rarely any reason for anyone to change the WordPress core anymore so those files should always be intact and easily reinstalled if there's an issue.

    Pretty much every host has automatic back ups, and roll back features. The better your plan, the better your backup options. If you have the cheapest thing offered, then you should learn how to do your own backups regularly.

    Most technical issues are database (rare), theme/coding mistakes, bad/old plug ins, server issues or people just not performing regular updates and maintenance.

    You have to try really hard or just have no idea what you're doing to completely destroy a WordPress site. Somehow people still manage to do it.
    WordPress Support WordPress Security Blog | Seeker.One
    Doing everything right doesn't guarantee success. Not trying does guarantee failure.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •