If your developer or server manager doesn’t know, it is time for them to find out. Ideally, only they will have root access. If FTP access is set up, each user should have their own user name and password. Whenever possible, SFTP not FTP access should be granted and only to trusted users. Access to the staging/development server can be a little broader, while access to your production server should be limited to a highly-trusted core of users.
Posted in: Magento