How to provide NitroPack support with access to your site

Why does NitroPack require access to my website occasionally?

As your website is a self-hosted solution, in some instances, we need direct access to

the client-side environment to troubleshoot and investigate issues further.

Every website works with a unique tech stack, server configurations, and other factors to build a specific environment that we might not be able to precisely duplicate to diagnose. 

Therefore, the only option is directly accessing our customer's websites - ideally, a staging copy.

The security of our clients’ websites is our top priority when looking for the fastest and most effective way to resolve an issue.


What access do we need?

To proceed with debugging, we first need the following information:

1. Temporary admin credentials

  • We will only work on NitroPack and will also check for any incompatible plugins/options without doing modifications to 3rd party plugins. We reserve the right to make small changes to the NitroPack plugin for the purposes of debugging. When possible, we aim to make non-disruptive changes to avoid issues for your site visitors.
  • No plugin/option outside of NitroPack will be amended without your explicit approval. 
  • In case we spot an issue with the NitroPack plugin itself, we will apply a fix to the NitroPack plugin code, where possible.

2. Temporary FTP / SFTP / SSH credentials

Here is what we would need from your hosting provider:

  • Host name/IP address
  • Port number
  • Username
  • Password
  • (Optional) In some cases, you may need to ask your web hosting provider to allowlist an IP address for incoming requests. Find all of our IPs here

❗For Magento-based websites: We generally require SSH access for this set of credentials.


Sharing access with us

We never advise sending usernames and passwords (or other credentials) through email. NitroPack will never store these significant pieces of data on file. Fortunately, there are a few viable options for giving us access safely.

⚠️ But before doing so, here are some essential steps to follow first:

  • Please ask your hosting to make sure the root folder for the FTP account has read and write access to your website's files.
  • Make sure to test both sets of credentials on your end before sending them. This will reduce the resolution time if the credentials end up not working.
  • It is up to you to grant us the required access and revoke our access details once our investigation is over.

1. (WordPress-specific) wp-admin access through a WordPress plugin

The free and compact Temporary Login Without Password WordPress plugin is our first suggested solution.

With the plugin, you may grant temporary access to anyone via a link – usernames and passwords are never exchanged.

One of the main advantages of utilizing this plugin is that you may decide when the temporary account expires and what its privileges are. This is something that WordPress does not, by default, support.

image1.png

image2.png

2. (WordPress-specific) wp-admin access through WordPress’s workflow

The second option is to simply make a new user account using WordPress' built-in procedure. We will receive a link by email so that we may change the password.

Create a new user in WordPress under “Users” → “Add New”

Ensure that the "Send User Notification" checkbox is selected, and select "Administrator" as the role.

image3.png

3. (All Platforms) Share credentials via an online tool

Although less secure than the alternatives above, this is still preferable to email because the password may be set to expire automatically. Credentials sent by email generally remain online indefinitely.

One of the following tools can be used for this purpose:


Good practices

  • Back up your files and database before sharing access details with the outside world. Please consult with your web hosting on how to do a full backup.
  • In case you do not wish to share access to your production/live environment, then the most reliable way to do this is to set up a carbon copy staging site on another domain/subdomain, add it as a new site to the nitropack.io dashboard where we can test while the live site remains unaltered (see how here).
  • If you set up version control (GIT) on your website, you will be able to see the changes we make.

📌If you need help applying any of the steps, please reach out to our support team at support@nitropack.io or via this link: https://support.nitropack.io/hc/en-us/requests/new

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.