It’s important to understand what’s important, particularly when you use the services of others to perform some of your work. It’s simply too easy to give someone more control than they need, or more control than they deserve, and end up regretting it.
It’s actually surprisingly common to hear of businesses impacted because they gave excessive control over important aspects of their online presence to the wrong people. At best, this can result in lengthy and costly legal proceedings, and at worst, it can result in losing your domain and everything associated with it, including your web site and email address(es).
As I write this, the popular and important site Snopes.com is apparently in this situation. While I don’t know the specifics, I want to use it to highlight a series of important lessons we can learn about what’s important, why it’s important, and the most important thing of all.
Let’s look at how much control of our websites we give away at several levels: our content, content management system access, backups, email, hosting, DNS, and domain registration. Do you know who controls access to each of these crucial elements of your business and the ramifications of each?
Perhaps surprisingly, your content is the least important thing we’ll look at. I’m not saying it isn’t important — it is. It’s just that, compared to everything else that can go wrong, it’s at the bottom of the list.
If you have a rogue writer or editor, for example, who posts something improper, the remedies are typically simple: you fire them, you revoke their access to whatever it is they had access to, you correct or delete the offending content, and you move on.
Your content management system
I’ve discussed using WordPress as your content management system, but this applies to any CMS. The general rule of thumb is to give only as much access as is required to perform a task. There are two problems with this rule:
- Often the very tasks you want to give to others really do require total — aka administrative — access.
- It’s also easier to give too much access — again, administrative access is common — so as to not have to think about how much access is enough.
The problem is, someone with administrative access can do serious damage to your web site. A malicious individual can even revoke your access to your own content.
In a way, this is a superset of “Your content” above. If it happens, you fire them, revoke their access if you can (or restore your CMS from a backup if you can’t), undo the damage, and move on.
Naturally, recovering from the previous step assumes you have backups. If you don’t have backups of your website, you risk losing everything on it — permanently — for a variety of reasons.
One important aspect, though, is to ensure that you have access to those backups.
Let’s say your content management system includes a backup solution. And let’s say your website administrator sets all that up for you. Unbeknownst to you, the backups are configured and happening properly — but they are kept in a location that only that administrator can access.
If you ever lose “access” to your administrator — for any reason, good or bad — you’ve lost access to your backups as well. If the admin’s departure was the result of malicious behavior, for example, that could leave you with nothing.
Email is typically intertwined with your website hosting, which I’ll discuss in a moment, but it’s worth examining on its own.
Email administration involves a tremendous amount of access. Anyone who manages your email configuration, including the ability to set up or modify email addresses on your domain, can typically access, modify, divert, or delete your email completely.
In fact, it opens a door to all sorts of issues. For instance, someone with access to your email by virtue of being your email administrator can intercept password reset requests and as a result hack any account you have associated with an email address they administrate.
I have seen websites stolen using this type of access. On the other hand, I have also seen websites recovered using this type of access (when the owner disappeared).
The potential for damage is immense. The options for recovery are few, in the most extreme case. This area calls for an over-abundance of caution.
It’s not at all uncommon for the people you hire to manage your web site, if you choose to outsource that work, to have access to your website’s hosting account.
For example: I have access to a client’s account at BlueHost.com, the company that hosts (provides the servers and hardware that runs) their web site. That means I have access to everything I’ve discussed above, as well as exactly how their site is implemented, what content management system is being used, and access to all email and online content related to their domain.
Someone with this level of access can lock you out of your own web site, and lock you out of your own email, if that email is associated with your website’s domain.
For most small businesses or individuals running solo endeavors, giving someone this kind of access is almost inevitable. It’s by far the easiest approach to letting your website admin do their job. On the other hand, it gives them incredible power, and ultimately represents a significant risk. Unfortunately, not giving them this level of access, while more secure, also means occasionally having to respond to sometimes arcane requests when something needs to be done at the hosting account level. Fortunately, that’s not often, once your site and email are set up.
DNS, or the Domain Name System, is the system that takes your domain name — like “askleo.com”, for example — and maps it to an IP address — 220.127.116.11.
What this really means is that DNS maps from the name of your site to the physical server on which your site resides. When you change physical servers, say because you’re changing hosting companies, it’s a change in DNS that tells everyone “this web site lives over here now.”
Giving someone — anyone — access to control or modify your DNS is something you should never do lightly. Again, the types of things you need to do with DNS are often arcane, but they’re not something that needs to change often.
The risk is significant. If someone controls your DNS, they can hijack your website and your email, and need nothing else to do so. If someone suddenly decides to point your domain to a server in eastern Europe, they can.
The good news here is that the vast majority of DNS access is controlled either via your web host’s administration tools, as discussed above, or your domain registration, which I’ll discuss next.
The other good news is, as long as you avoid giving control of your DNS to someone else, you retain control over your domain. You may lose all your content and email for a time, but in the worst of all possible scenarios — if your web host becomes compromised, for example — you can set up at a new host and change your DNS to point to that new location.
OK, I lied. There’s one scenario that’s even worse.
Your domain registration
Your domain registration represents your ownership of your domain. It is the single most important item on this list.
It is my opinion you should not give anyone else access to this.1
It represents the ultimate fall back should anything go wrong with any other element I’ve discussed above. It’s your domain registration that says “use this DNS service.” If your DNS gets compromised for some reason, you change this to a DNS service you control. From there, you can reset your hosting, your website, and your email, and restore your content from your backups. Domain registration ownership is the ultimate safety net.
Unfortunately, it’s also the ultimate risk, should someone else be able to access your registration. Even worse, I’ve seen service providers who actually own the domain their clients consider to be theirs. That’s just wrong, in my opinion. With access to your domain registration, ownership of your domain can be taken, and only lengthy and expensive legal proceedings can give you even a glimmer of hope to regain control.
Given the situation with Snopes.com, I can only assume this is what happened to them. I wish them luck in regaining access to their own web site.
Learn from the mistakes of others.
Give access appropriately, but do so with care, and only to the people or services you trust to a level that matches what you’re asking them to do. If you don’t trust them, don’t do it. Find someone else.
Most of the people and providers you’ll encounter are probably quite trustworthy. But in the complicated space that is the internet, it’s easy to give more access and more control than you realize, and expose yourself to unnecessary risks.
While it doesn’t happen often, the “cost of failure”, as I call it, can be exceptionally high.
1: That being said, it’s equally critical you have a plan in place should something happen to you, so someone can access this, and if necessary, everything else discussed in this article.