The Web For Blog

Internet marketing observations, perspectives, tips and tricks for your education and enlightenment.

Website Security

Mark Kawabe - Friday, July 09, 2010

A client of mine has their site hosted with a local ISP. Due to some changes at the ISP the FTP login for the website had been changed.

FTP stands for File Transfer Protocol and if you have the FTP information for a website you have the ability to manage the website's files.

In other words, this is important information.

I called the ISP to get the new FTP login. I didn't identify myself or my company and just told the person on the phone that due to the changes I needed the new FTP login to access my client's website. I was asked for the domain of the website and was given the new FTP information. I was even allowed to specify the password.

Our policy at The Web For is to provide information like this to the client directly. If a client chooses to give that information to a third party, that's their decision. Nobody but a client can get this information from us unless the client has given us permission in writing to communicate with a third party.

If I was a hacker imagine what I could have done to the website.

Ook. Happy Friday!