[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: need help in rights delegation to a freelance "web developer"

Thanks for sharing your input. what would be the rights of /var/www and its sub-directories.
currently it is root : root and 775

Secondly do you guys have any advice on more security of WP. i have heard that word press is kind of week in security. maybe i am wrong but i have heard that.

no problem with the data base we only have single data base only with one user.

Moreover, our developer is also saying that he is having problem running our website on our current debian 7 VM. do you guys think there should be some modules required in order to work things properly.


On Mon, Nov 10, 2014 at 7:32 PM, Carl Fink <carl@finknetwork.com> wrote:
On Mon, Nov 10, 2014 at 07:20:46PM +0500, Muhammad Yousuf Khan wrote:
> for some testing we first want to install our Wordpress website inhouse.
> and for that i have designed a Debian 7. and installed all the necessary
>  packages that are needed for the deployment.
> now i want to grant rights to our freelance web developer so he can deploye
> the website. i never did this in pas i am a one man army. now Firewall and
> all security related things are already deployed with 1 to 1 NAT.  however
> now i want to give him very limited right so that he can install the
> website with out complaining and i can also feel secure.

If you have already installed WordPress and set up its database, you don't
need to give your developer any system-wide rights at all. Just make him
administrator of the WordPress site itself. If it's properly installed, he
can then install plugins, themes, etc. from the WP GUI.

If security is a concern (and it probably should be) you might consider
sandboxing WorPress and having its MySQL instance be separate from any other
MySQL uses on your server. Or maybe even putting it on its own virtual
Carl Fink                           nitpicking@nitpicking.com

Read my blog at blog.nitpicking.com.  Reviews!  Observations!
Stupid mistakes you can correct!

To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: [🔎] 20141110143254.GA4400@panix.com" target="_blank">https://lists.debian.org/[🔎] 20141110143254.GA4400@panix.com

Reply to: