Every once in a while, you may want to give an outside developer, designer, or agency access to your dedicated server or virtual private server. Perhaps you hired them to do some development work on your eCommerce store or to modify your WordPress site’s theme. As part of their job, they may need to upload files or edit code.
Allowing someone you don’t — or shouldn’t — fully trust to access the server that runs an important part of your business is a risk. In this article, we’re going to look at how you can manage that risk and negotiate a potential security minefield.
Don’t provide access if you can avoid it. If you or an employee can upload the files or make the necessary changes, don’t give the third party access. The golden rule is to provide the least possible access, and that means not providing any access unless it’s necessary.
Don’t give anyone the server’s root password. Anyone with the root password has total control over the server. They can see every bit of data stored on it. They can install software. They can delete files, including the operating system itself. It might be convenient to give out the root password, but it’s a massive security risk.
Don’t give anyone your password. Every user should have their own account, and no one else should know its password. There should be no shared passwords.
Create a new user account for anyone working on the server. Creating a new user for each person with access to the server helps you to keep control of what they can do, and you can delete the account when it’s no longer needed. If you give lots of people access to the same user account, you will have to change the password to remove access, and then give the new password to everyone else. That’s not secure and, because it’s inconvenient, is unlikely to happen.
Creating A New User On Your Server
The useradd tool is used to create new users. As root, run the following command.
Replace *account-name* with the name you want to use for the account. Next, give the user a password.
You will be prompted to enter a password twice.
Now you have a user account, but anyone logged in on that account over SSH or SFTP only has access to their home folder. You need a way to give the user read, write, and traverse permissions for the directory they will be working in. There are various ways to do this, but the most secure is via CentOS’s built-in Access Control Lists.
Access Control Lists
Access Control Lists were created to make up for shortcomings in Linux’s user management model. To give the new user full read, write, and traverse access to a specific folder, we use the setfacl command.
setfacl -m "u:frank:rwx" foo_directory
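The above command allows the user “frank” to add files and edit the existing files in a directory called “foo_directory”. Note that the entry is set on the directory itself; files already inside it keep their own permissions unless the entry is applied to them as well. With Access Control Lists, server hosting clients can precisely control which directories and data they allow third-party developers to access.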
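The setfacl grant above, carried through the whole engagement as an added example (not code from the original article). It goes beyond the single command by applying the entry recursively with a default ACL, removing it afterwards, and auditing getfacl output for entries that should not be there. The function names, the "deploy" account, UID 1004 and config.php are constructed for illustration.

```shell
# Hypothetical helper names; run the two setfacl wrappers as root.
# Grant rwX on the existing tree and as a default ACL so new files inherit it
# (capital X: execute only on directories and already-executable files).
grant_dir_access()  { setfacl -R -m "u:$1:rwX,d:u:$1:rwX" "$2"; }
# Remove the user's access entries and default (inherited) entries.
revoke_dir_access() { setfacl -R -x "u:$1,d:u:$1" "$2"; }

# usage: getfacl -R DIR | audit_acl ALLOWED_USER...
# Prints path, user, perms, scope, reason (tab-separated) for each named-user
# entry outside the allow list. getfacl shows a numeric UID when the account
# no longer exists; a new account reusing that UID would inherit the entry.
audit_acl() {
    awk -F: -v OFS='\t' -v allowed=" $* " '
        /^# file: / { path = substr($0, 9); next }
        { scope = "access"; kind = $1; who = $2; perms = $3 }
        $1 == "default" { scope = "default"; kind = $2; who = $3; perms = $4 }
        kind != "user" || who == "" { next }
        who ~ /^[0-9]+$/ { reason = "orphaned-uid" }
        who !~ /^[0-9]+$/ { if (index(allowed, " " who " ")) next; reason = "not-allowed" }
        { print path, who, substr(perms, 1, 3), scope, reason }'
}

# Constructed sample of `getfacl -R foo_directory` output (not real data).
sample_getfacl() {
    cat <<'EOF'
# file: foo_directory
# owner: root
# group: root
user::rwx
user:frank:rwx
user:1004:rwx
group::r-x
mask::rwx
other::r-x
default:user::rwx
default:user:frank:rwx

# file: foo_directory/config.php
# owner: root
# group: root
user::rw-
user:frank:rw-
user:deploy:rw-
group::r--
mask::rw-
other::r--
EOF
}
```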
You can find more information about using Access Control Lists on CentOS here.
A staging server is an alternative to giving third-party professionals access to your production server. In the case of a WordPress site, you could copy the site and database to a new Virtual Private Server, and allow the professional to make their changes on the new staging server, before syncing them back to the production server after they’ve been checked. This is probably the most secure option.
If you follow the advice in this post, you will be able to safely and securely give external professionals the access they need to do their work without putting your data, your site, and its users at risk.