Automattic
SFTP: User-level SFTP access + access controls
What
Create SFTP credentials on a user-level, not a site level
Why
Site owners may need to provide 3rd parties with SFTP access to their site. We currently provide this in the form of a single username/password for the entire site.
For larger sites with multiple users potentially needing access, having a single set of credentials is not ideal and adds management overhead that can be avoided.
How
- Provide user-specific SFTP credentials at
https://wordpress.com/hosting-config/domain.blog. - Add an option for site owners to reset user SFTP credentials in Calypso at
https://wordpress.com/people/edit/domain.blog/usernamehere.
Optionally, we could also provide some basic folder restrictions by allowing site owners to set specific areas users have SFTP access to.
This could be done via checkboxe(s). A very rough example:
Allow SFTP access to only the following folders:
[ ] /wp-content/plugins
[✔️] /wp-content/themes
[✔️] /wp-content/uploads
No boxes checked = unlimited access. One, some or all boxes checked = access to only those folders.
The above would be useful for site owners who only wish to give certain users access to certain areas. For example, a theme developer troubleshooting a theme.
+1 from a user in this interaction: 35493529-hc
They'd like multiple SFTP users so they can set up Bitbucket/Github deployment flows.
Support References
This comment is automatically generated. Please do not edit it.
- [ ] 4256564-zen
- [ ] 8345540-zen
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}