Hosting & Credentials
Hosting & Credentials
Before we can begin work on your website—whether updates, migrations, or ongoing support—we need to have the right credentials and access to your hosting environment. Having this info up front avoids delays or broken sites.
What Hosting Credentials We Need
Please provide all applicable items below. If any don’t apply, just mark “N/A”.
| Item | What We Need | Why It Matters |
|---|---|---|
| Hosting Control Panel Login | Username, password, and control panel URL (cPanel / Plesk / custom) | We need access to make server-side changes: install plugins, manage files, set permissions. |
| FTP / SFTP / SSH Access | Server address, port, username, private key or password, and whether passive or active mode | Required for uploading files directly, troubleshooting file issues, large uploads. |
| Database Credentials | Database name, user, password, host (often “localhost”) | Needed to edit or migrate content, troubleshoot database errors. ([help.hostpresto.com](https://help.hostpresto.com/hc/hostpresto/articles/what-are-my-database-credentials?utm_source=openai)) |
| Domain Registrar Login | Credentials (username/password) for your domain provider | Necessary for updating DNS, name servers, or SSL certificate setup. |
| Server or Hosting Account Billing Contact | Email used, account number, provider name | So we can handle ownership issues or verify account identity if support is needed. |
| SSL certificate / HTTPS Info | Certificate issuer, private key (if self-managed), domain name, expiration date | To ensure secure browsing & prevent downtime. |
| Email / MX Settings Access (if hosted) | Control panel or email platform login and configurations | Important if we’re setting up or updating email accounts, forwarding, or SMTP. |
Best Practices for Sharing Credentials Safely
- Use secure password managers or encrypted files to transmit credentials—not plain email.
- If possible, set up limited access (e.g. FTP-only user, database user restricted to one database) rather than giving full root or admin rights. ([hostgator.com](https://www.hostgator.com/help/article/should-i-give-my-web-developer-my-username-and-password?utm_source=openai))
- Use strong, unique passwords.
- Enable multi-factor authentication (MFA) if your host supports it.
- Change or revoke access after project completion (especially FTP, temporary users).
- Keep a secure record of all credentials you provide, including where and how they are stored.
Common Host Providers & What Their Credentials Look Like
Here are examples of what provided credentials may include, depending on your host:
- Shared hosts (cPanel / Plesk): panel URL, control panel login, FTP/SFTP, MySQL database details.
- Managed WordPress hosts: dashboard login + SFTP, sometimes with proprietary control panels.
- Cloud/VPS: SSH access, root or sudoers credentials, server IP, dev/staging vs. production hostnames.
What Happens After You Share Credentials
1. We verify all access information and let you know if anything is missing or incorrect. 2. Back up your site and database before making major changes. 3. Apply updates or migrations in a staging environment if possible. 4. Perform the requested work (updates, installs, repairs). 5. After work is complete, test everything, clear any cache, and ensure the site is functioning properly. 6. Ensure credentials for temporary access are removed and passwords changed if needed.