I've just started learning web design. A co-worker has asked be to get a site up and going for him. What's the best way to handle the domain registration? Should I register it under my bluehost account in my name?

In fact, I'd also love to hear how other people handle hosting/administrative fees after the site is up and going.

Thanks.

The key question is whether you want to be responsible for that co-worker's domain and site forever. If so, then sure, register the domain yourself, and make it an addon domain on your account. But you'll have to do all the admin for it - your co-worker won't be able to do much of anything unless you give him your account ID and password (BH doesn't offer any reseller features, like separate cPanel logins for addon domains).

If you and your co-worker part company at some stage (for whatever reason), separating his web stuff from yours will be messy. Domain ownership will have to be changed, a new hosting account created somewhere, content moved, etc.

Personally, I wouldn't want to sign on for that kind of commitment. Better to have him register his own domain and sign up for his own hosting account. You can agree to administer it and/or do site development for some sort of fee (or just free pizza!). Then if it becomes necessary to go your separate ways, it's a fairly simple matter to disentangle things.

Thank you for the answer - that's great advice.

The key question is whether you want to be responsible for that co-worker's domain and site forever. If so, then sure, register the domain yourself, and make it an addon domain on your account. But you'll have to do all the admin for it - your co-worker won't be able to do much of anything unless you give him your account ID and password (BH doesn't offer any reseller features, like separate cPanel logins for addon domains).
As an alternative to giving the co-worker complete cPanel access (which scares the daylights out of me), I'd suggest setting up password-protected FTP access to the addon directory. Doing that would allow him to do the bulk of any updating needed to maintain the site.

As an alternative to giving the co-worker complete cPanel access (which scares the daylights out of me), I'd suggest setting up password-protected FTP access to the addon directory. Doing that would allow him to do the bulk of any updating needed to maintain the site.

And that would make it far more obvious that any updates that they did to anything outside that directory were deliberate rather than accidental.

And that would make it far more obvious that any updates that they did to anything outside that directory were deliberate rather than accidental.
Am I totally brain-dead or just missing something basic here?

Can someone granted ftp access to a directory easily make changes outside of that particular directory? If so, is there any way to prevent this? (In the meantime, I need to do some checking on my own.)

All they have to do to be able to update something outside that directory is to upload and run a script that has references outside of the directory. So if it is an add-on domain then they'd have access to the public_html simply by adding ../ to the front of any references within a script that they upload.

There is no way of preventing that access on a normal shared hosting account if they do upload a script containing references like that but their doing so would make it obvious that they are deliberately attempting to access something that they shouldn't.

The only way of preventing that sort of deliberate attempt to access something outside of the current directory is with reseller hosting where you can set the directory up as a completely separate account with no outside access at all.

Thanks for the clarification on just how that can be accomplished.