Facebook
Twitter
E
eggman2001
Guest
When I transfer files to my server, I always use SFTP so I'm minimizing the chances of someone else gaining ftp access to my server.
However, occasionally I have freelance developers work on my server (usually using a subdomain exclusively for development - i.e. dev.domain.com). When I send the developer the ftp login credentials, I do it via e-mail. I don't send them SFTP login info because they they could gain shell access and I don't want that.
Because I'm sending them the ftp login through e-mail, it's not secure. However, what would be the risks if this should fall into the wrong hands? Could someone upload a script that will attack my entire server? Or does plesk partition the directories in some way where they'd only be able to attack the folder that the malicious script gets placed in?
If what I'm doing is not secure, does anyone have any suggestions?
However, occasionally I have freelance developers work on my server (usually using a subdomain exclusively for development - i.e. dev.domain.com). When I send the developer the ftp login credentials, I do it via e-mail. I don't send them SFTP login info because they they could gain shell access and I don't want that.
Because I'm sending them the ftp login through e-mail, it's not secure. However, what would be the risks if this should fall into the wrong hands? Could someone upload a script that will attack my entire server? Or does plesk partition the directories in some way where they'd only be able to attack the folder that the malicious script gets placed in?
If what I'm doing is not secure, does anyone have any suggestions?
