Re: [cobalt-users] They want FTP access

[Kris Dahl <krislists@xxxxxxxxxxxxx>]

on 4/19/00 2:28 PM, Debbie Doerrlamm at wkdwich@xxxxxxxxxxxx wrote:

> How to you all gracefully deny FTP access to those clients you are unsure of??
> Today I got 2 requests.. politely told one that the shopping cart pages are
> quite complicated and its best I make the changes.. she said OK no
> problem.. but now another is asking also..
> 
> Right now no one has FTP or telnet to any of the 30+ sites on the box
> except me.. also none of their mail stays on the box its all forwarded off
> to their ISP addresses..
> 
> I'd like to leave it that way.. gracefully of course <G>

The company I work for is considering the purchase of our own servers for
hosting our client's web sites.  A major reason is because I pretty much
detest shared servers for the following reasons:
1) We're at the mercy of the admins to fix stuff
2) We're at the mercy of whatever dumbass has access to the machine (like
the guy that 'accidently' ate up all the mysql connections a couple weeks
back)
3) Can't store information 'safely' (i.e. credit information that needs to
be encrypted)

So when we start offering hosting services to our clients they will not have
any access to the server.  There is a lot of stuff going on and its just too
easy to muck something up on accident.  So we've already started to provide
an interactive content management system (all web based) for them to update
their content.  This is the only way to go.

The way we sell the idea is a no-brainer.  We are able to offer more
reliable service, a more secure environment and less headaches if they host
with us (on a non-shared system with multiuser accessability).

So if someone requests FTP access, I would suggest posing it like this:
"Web sites these days are far more complex then they used to be.  This makes
it much harder to use 'off the shelf' solutions (such as Dreamweaver, etc)
to maintain dynamic web sites, and increases the likelyhood of accidental
downtime.  For this reason, we do not offer remote shell or FTP access to
our production servers.  As an alternative, we have provided (choose one):
1) An online web interface for you to update constantly changing
information.
2) A qa/test server for you to 'stage' your website for production
3) We will make the changes for you
Be restricting access to the production servers, we are able to offer
superior reliability, much higher security and an overall better hosting
expereince to our customers."

But you pretty much have to either offer a web interface or give them a
test/qa server to work with if you want someone to host with you without
*any* interactive access.  They will feel alienated and 'tied down' to your
services otherwise.  And what you essentially are able to do is turn a
potentially negative situation into a *huge* value add.  Increased stability
and security?  Sounds like a good idea.

And if they aren't comfortable with that, offer to help them co-locate their
own server with you.  They might not be able to justify the cost, and
realize (hopefully) that they are getting good value from hosting with you.

And typically, I've found, its not that hard to convince people that hosting
on a large shared server for $20/month isn't going to be providing the best
level of service.

-k