1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Best way to have someone work on your wordpress site

Discussion in 'Black Hat SEO' started by workplay, Jan 24, 2012.

  1. workplay

    workplay Junior Member

    Joined:
    Dec 2, 2011
    Messages:
    122
    Likes Received:
    27
    I'm looking to fix up somethings my wordpress site with thesis framework.

    Most of people seem to be asking for the login information to work on the site.

    What is the safe way to provide user login for a wordpress site?

    My worry is that the person who gains access to the site may insert malicious code and leave backdoors somewhere.

    One of my sites got hacked once when I gave them the admin info before.
     
  2. KraftyKyle

    KraftyKyle Jr. Executive VIP Jr. VIP Premium Member

    Joined:
    Aug 13, 2008
    Messages:
    1,941
    Likes Received:
    4,610
    Gender:
    Male
    Location:
    Unknown
    NEVER GIVE OUT YOUR ADMIN INFO! You can create another user with privileges which will allow the person do utilize many WP functions beyond that of a normal subscriber. What work are they suppose to be doing for you?
     
    • Thanks Thanks x 1
  3. workplay

    workplay Junior Member

    Joined:
    Dec 2, 2011
    Messages:
    122
    Likes Received:
    27
    Just editing css style and php files for the theme. When I make a login for them how can I edit their privileges?

    When I go to add a new user, I see options "adminitrator, editor, author...." which do i choose?
     
  4. jonnyquest

    jonnyquest Regular Member

    Joined:
    Nov 24, 2008
    Messages:
    277
    Likes Received:
    436
    Occupation:
    Retired
    Location:
    Island Time
    What the other guys are saying ...

    Here is a quick look at the difference of what an outsource worker
    would see and have access to while you as the Admin gets it all

    I would say use the EDITOR How about others?

    [​IMG]

    Hope this helps

    JQ
     
    • Thanks Thanks x 1
    Last edited: Jan 24, 2012
  5. workplay

    workplay Junior Member

    Joined:
    Dec 2, 2011
    Messages:
    122
    Likes Received:
    27
    Would they have access to edit css and php files with just "editor" privilege? I don't think i see that option as editor.
     
  6. nik-0

    nik-0 BANNED BANNED

    Joined:
    Jan 19, 2012
    Messages:
    510
    Likes Received:
    96
    No they won't
     
  7. jonnyquest

    jonnyquest Regular Member

    Joined:
    Nov 24, 2008
    Messages:
    277
    Likes Received:
    436
    Occupation:
    Retired
    Location:
    Island Time
    What Nik-0 said

    JQ
     
  8. LilithX

    LilithX Registered Member

    Joined:
    Oct 4, 2010
    Messages:
    60
    Likes Received:
    25
    Occupation:
    Internet Marketing | Graphic Designer
    Location:
    USA
    Well, what I did when I had someone work on my site was use a plugin called WordPress File Monitor Plus and it tells me what files were added/changed/deleted and it gets sent straight to my e-mail. Better than nothing I guess.

    Another option would be to give them limited ftp access through your cpanel to the direct folder.
     
    • Thanks Thanks x 1
  9. workplay

    workplay Junior Member

    Joined:
    Dec 2, 2011
    Messages:
    122
    Likes Received:
    27
    wouldn't ftp access give them more freedom than wp admin login?
     
  10. elcappy

    elcappy Junior Member

    Joined:
    Feb 4, 2011
    Messages:
    116
    Likes Received:
    41
    Occupation:
    Web Designer
    Location:
    Los Angeles, CA
    Home Page:
    That would still allow them to throw malicious code into existing files. I guess you just have to trust the person or that person has to have a good rep/review.
     
  11. kennyrip

    kennyrip Newbie

    Joined:
    Apr 21, 2011
    Messages:
    32
    Likes Received:
    4
    download the files they need to work on, then send them via email. when you get the files back check over it, or have someone look over it to make sure they didnt add any backdoors.

    Thats how ive always done it
     
  12. workplay

    workplay Junior Member

    Joined:
    Dec 2, 2011
    Messages:
    122
    Likes Received:
    27
    are there any programs or plugins to find backdoors? are they visible as outbound links?