Hiring a database Dev

Question :

To start, I have no technical experience. I own a home services business and I want a MySQL database for all my data. I know how I want it, I’ve played around with Caspio so I know how it will look/function from a user’s perspective.

My question is in regards to how to have someone build it for me and what security measures to take to keep my website safe. I have hosting with SiteGround for my WordPress website. If it’s best to just create a new SiteGround account and incur another separate billing cost for it then I will do that, but if it is safe to keep it on the same account then that is preferable due to savings and practicality. I went to cPanel, created the database (nothing in it, just created it), and created a user account for my developer to use when I hire one. I learned how to have a link for them to access it (mydomain.com/phpMyAdmin) and that is ready. I tested it, the login info for the user I created works.

So my actual question… Is giving them that link and the login credentials safe? That should only allow them to do things in the database, right? By safe I mean my website and files and stuff, they won’t have any access to any of that or cPanel, right?

Answer :

First, if you haven’t built anything, don’t use MySQL. If you’re doing a new product — go PostgreSQL. It’s better and free.

If you insist on MySQL, at least go MariaDB. While both have their advantages, MariaDB is a fork and that’s where the community is at. MySQL is Oracle’s newly purchased pretend-to-be-open-source-friendly PR campaign.

There is nothing wrong with cPanel for you. That said, database developers don’t use cPanel. If you’re going to hire someone and they can’t administer their database without a 3rd party GUI tool — RUN.

> Is giving them that link and the login credentials safe?

It depends on safe. When you give login credentials they have at least the level of access granted by intent so look that up. And if your software is out of date and they’re malicious, usually more than that.

> By safe I mean my website and files and stuff, they won’t have any access to any of that or cPanel, right?

At that point it’s a cPanel question. Oftentimes db-clients leak privileges because they’re improperly sandboxed. I can’t tell you how many times I get to a psql box which launches right into psql, and I can get out simply doing \!.
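
To see what "the level of access granted" actually is for the developer login from the question, the account's privileges can be read back from the server itself. The queries below are an added example, not part of the original answer; the database name `acct_homesvc` is a placeholder, and they cover only the MySQL side, not cPanel or the site's files.

```sql
-- Run in phpMyAdmin's SQL tab while logged in AS THE DEVELOPER ACCOUNT,
-- so the results describe exactly what those credentials can do.
-- Assumption: the empty database is called `acct_homesvc` (placeholder name).

-- 1. The grants as the server records them for this login.
SHOW GRANTS FOR CURRENT_USER();
-- Expected shape for a properly scoped account:
--   GRANT USAGE ON *.* TO ...              (may log in, no server-wide rights)
--   GRANT ... ON `acct_homesvc`.* TO ...   (rights on the one database only)
-- "WITH GRANT OPTION" on any line means the account can pass its rights on.

-- 2. Server-wide (global) privileges. Any row here reaches beyond the one
--    database; FILE, for instance, lets the account read and write files on
--    the database host. A scoped account returns zero rows.
SELECT privilege_type, is_grantable
FROM information_schema.user_privileges
WHERE grantee = CONCAT('''', SUBSTRING_INDEX(CURRENT_USER(), '@', 1),
                       '''@''', SUBSTRING_INDEX(CURRENT_USER(), '@', -1), '''')
  AND privilege_type <> 'USAGE';

-- 3. Per-database privileges. Only the new database should be listed; a row
--    for the WordPress database means the developer can read or change the
--    website's content and user table. The name may be shown with its
--    underscore escaped (acct\_homesvc).
SELECT table_schema,
       GROUP_CONCAT(privilege_type ORDER BY privilege_type) AS privileges
FROM information_schema.schema_privileges
WHERE grantee = CONCAT('''', SUBSTRING_INDEX(CURRENT_USER(), '@', 1),
                       '''@''', SUBSTRING_INDEX(CURRENT_USER(), '@', -1), '''')
GROUP BY table_schema;

-- 4. What the login can see at all. Expect information_schema plus the one
--    database, and nothing belonging to the WordPress site.
SHOW DATABASES;
```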
