Giving Access without Giving Access

Sammy G's picture

Friends of the netherweb,

I'm looking for tried-and-true processes for enabling a new potential tech vendor access to my website without providing access at the web server level.

In the past, whenever getting first acquainted with a potential vendor, the need always arises for the potential vendor to actually look at the website before committing to a price or workload schedule. Also, a vendor is interested in seeing the site to ensure that they are familiar with the current systems and that their skill set is capable of executing the work.

Historically, I've given the vendor 'root command' access to the webserver. Once they've gone in and grabbed what they needed I've changed the primary password. Finally, when the vendor and I agree on terms and I feel comfortable with that particular vendor, I give them the new password. This is kind of silly on multiple levels.

Thus, I'm looking for process suggestions for how to get the website, in its entirety, to a potential vendor's possession without opening up the full mothership treasure chest at the webserver host level.

Gracias Muchas.


Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
matthew's picture

My usual process...

My usual process is to set up entirely separate environments: Development, Stage/Test, and Production.

Right now I don't have any personal sites to demonstrate this, but I use it a lot at work.

Every few months, I refresh the Stage/Test and Development environments with the production data set and whatnot. If you want to run them on the same web server, you'd set up per-vendor user accounts as their own "development" area. You should already have sub-domains like "" & "". When you bring on the new vendor, copy all the production data to a new instance in a dedicated home directory for that vendor -- like /home/vendorname/ -- and then give them just that user account. Set up your web server rules so that /home/vendorname/public_html is a sub-domain like "". Done!

If you want to talk about this at greater length, Sammy, as always I'm at your disposal. In fact, the next day or two would be ideal as I have a light workload because I'm about to go on a week-long Scout trip with my son. Anything beyond an hour or two of consultation I typically charge $85 per hour for friends/family and $115/hour for strangers.

Matthew P. Barnson