Over the next few days I thought I’d discuss a few recent issues raised by readers, starting today with a situation concerning ownership of a website and access to it. Unless you’re absolutely sure that nobody outside of your company has ever been involved with the administration of your company’s website, this is something everyone should probably keep an eye on.
The problem I’m describing had occurred because the company I was advising had fallen out with its web design agency, and was worried that the agency might switch off the website. However, this is important even if you have a web design agency (or once had one) who you’ve been on good terms with. After all, any business can go bust, so you never want to have any part of your company’s website registered to, or exclusively run by, a third party.
There are three aspects of your website which you need to ensure are under your company’s control. The first is the domain name registration. It’s amazing how many companies once had their website domain names registered by an external web design agency under the agency’s name, and unknowingly still do today. There are two problems here: you’re relying on the agency to pay the annual registration fee (and they may well charge this back to you at a markup), and technically, they have the ability to do what they like with the domain. So make sure it’s yours, and that the information is up to date. Look up the “whois” details here. The contacts should all be your company address. If you need to make changes, you’ll need to find out who your domain name registration company is (the whois query should tell you). Even if you don’t need to make changes, make sure you know the account name and password there for future reference. It may even be a good time to change the password. Don’t leave learning how to get access until some emergency occurs.
Find out how much your domain name registration is costing you. It should be in the order of £10 a year. Don’t be ripped off by third-party agencies charging you over the odds, or (if you’re paying direct) by domain name registration companies who have found they can start charging more and more without customers questioning the situation. If you are being charged more than that by a domain name registration company directly, find out what the extra is getting you.
The second thing you need to be in charge of is the web hosting. It’s possible that this might be with the same company as the domain name registration, but often it’s not. It should be easy to find out who this is, because presumably you’ll be paying them monthly (or possibly annually) for the hosting services. Again, make sure you know your account name and password, and think about changing the password. Some web hosting companies have separate account name and password combinations for the general account and the individual domains (also known as the FTP access details).
Finally, if you use a content management system, ensure you have administrator access to that, and take a look at the user list. Ensure you’ve deleted anyone who should no longer have access. Again, a new password is never a bad idea.
So here’s the checklist. It’s a good idea to have all this information written down somewhere, clearly, but if you do so, make sure it’s secure.
1. Look up the “whois” details for your website, and check the domain is administered by you, and that the details are correct.
2. Ensure you know who the domain name registration company is, and that you know your sign-in details. Update the password.
3. Ensure you know who your website hosting company is, and that you know your general account sign-in details. Update the password.
4. Ensure you know your web server’s sign-in (“FTP access”) details. Update the password if possible.
5. If you use a content management system, ensure you know the administrative sign-in details. Update the password. Check the list of additional users and delete any which are no longer used.