Helping people with computers... one answer at a time.
•
This was essentially the case for the web site for an organization I belong to. In fact, it happened twice, and we got very lucky each time.
I'll review what happened to us, how I recovered, and what every website owner ought to be doing to be prepared for exactly this scenario.
•
Corgi-l is a mailing list for owners of Welsh Corgi dogs. There's an associated website, built and maintained by volunteers, that includes photos, a list FAQ, and other information related to the list. Not an uncommon use of a website to back up and maintain information for an online community. I recently volunteered to take on site maintenance, including the transition from an old site, to a new, partially completed replacement.
Unfortunately, as part of the transition, which included moving to a new web host, we lost the person, and the information to access the old site. It was hosted on a small, and fortunately responsive ISP. We were able to contact them and convince them that we were, in fact, the folks responsible for the site. They then set up a redirection so that visitors trying to get to the old site reached the new site instead. In short, we were very lucky - mostly in that the ISP was willing to help us out.
So the transition to the new site went well, initially. Unfortunately, unbeknownst to us, there was a bandwidth cap in place. Only so much traffic would be allowed before the site would be disabled for a time. With the redirection from the old site, we reached that cap in under two weeks.
We were fortunate once again, in that the webmaster I was replacing had taken the time to prepare, and some time ago had shared with the organization's administration some very important things: password, accounts and access information. Unfortunately not all of it worked - I was unable to lift the bandwidth cap, for example. However enough of it did work that I was able to move the new site to a new location - one of my own servers, where I have total control. And no bandwidth cap that this site is likely to reach.
So, what lessons has this experience taught?
In short losing your webmaster could be a serious problem. Depending on many things, you could loose access to your own site, with little, if any, hope of retrieving it. I got lucky. Twice. You might not.
So, if you have someone else who's in charge of managing your web site, you should prepare, well in advance, with a contingency plan. I'd recommend that it include, at a minimum:
- If you have your own domain name: the name of the registrar, and the account name and password that would allow you to make changes to that domain, such as pointing it at a different server, or even transferring it to another registrar.
- The name of your hosting provider. Ideally, that would include telling your hosting provider of backup contacts in addition to the webmaster.
- Accounts and passwords to your server's management console. Not all sites have this, but ultimately, a management console is a common approach that web hosting providers allow individuals to control the configuration of their server or their part of it.
- If you have a dedicated server, the root or administrator account name and password.
- Account names and passwords to the appropriate login and ftp accounts used to manage the server, or to upload content to it.
- Account names and passwords to any applications. For example the administration accounts used for blogs, forums or other tools that have been installed on your server.
- An alternate contact. In many cases your webmaster may have a trusted individual that, while not involved in your site, may be available to grant access or assist in an emergency.
You may have a couple of reactions to that list:
All that information ... those are the keys to my kingdom! If someone got all that, they could hack me to pieces! Yes indeed. Realize that you're already relying on your webmaster to keep this same information safe already, but you'll absolutely have to do the same. It doesn't matter how you do it - written on a note you keep in a safe, or kept in a spreadsheet in an encrypted filesystem, or something else entirely - you do want to keep this sensitive information secure. But no matter how, it's critical that more than one person have it.
I wouldn't know what to do with this information! That doesn't matter. If you're not familiar with website stuff yourself, you'll be looking for someone who is. Once you find them, they'll need this information in order to help.
A sudden or unplanned transition is always rocky. However with a little careful up-front planning, very often a total disaster can be averted.
Article C2472 - November 26, 2005
Leo A. Notenboom has been playing with computers since he
was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed.
After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers
to common computer and technical questions. More about Leo.
I work for a company called SmartUpdates.NET. We offer maintenance services to companies who know what they want to do, but don't necessarily want to mess with FTP, HTML, stylesheets, etc. And for far less than the cost of hiring a new webmaster!
Posted by: Will Belden at November 28, 2005 4:41 AMToeKnee: that's a good observation ... if you in fact *have* an organization or entity to assign it to. There are many less formal groups that don't have that - my example list being one.
And even so, your registrar/isp/whatever may still require you to jump through hoops to prove that you are in fact an authorized representative of that organization.
Bottom line: I still feel it's faster / safer to make sure that someone else besides your webmaster has the information readily available.
Posted by: Leo A. Notenboom at November 28, 2005 8:44 AMI think you can make it much simpler than that and still be adequately protected: make sure the website is registered to the organization or business you have (domain owner) with proper address, and make sure you or an owner/director of the organization/business is listed as the administrative contact with valid e-mail address. (And put the registrar in your address book to make sure their e-mails don't go in your spam folder). Your webmaster should only be listed as technical contact and perhaps billing contact if that's the arrangement you have. [link removed]
Posted by: ketu at May 14, 2010 10:48 AMI think you can make it much simpler than that and still be adequately protected: make sure the website is registered to the organization or business you have (domain owner) with proper address, and make sure you or an owner/director of the organization/business is listed as the administrative contact with valid e-mail address. (And put the registrar in your address book to make sure their e-mails don't go in your spam folder). Your webmaster should only be listed as technical contact and perhaps billing contact if that's the arrangement you have.[spam link removed]
Posted by: Used Trailers at May 22, 2010 5:13 AMIn short losing your webmaster could be a serious problem. Depending on many things, you could loose access to your own site, with little, if any, hope of retrieving it. I got lucky. Twice. You might not.
Posted by: rakesh at June 11, 2010 12:43 PM[spam link removed]