[ad_1]
Hi Guys,
I hired a developer at Fiverr and instead of giving him direct access to the main wordpress installation, I have created a clone of the site, created a new admin user with different password and deleted the old admin user and by doing that I thought I was safe until I discovered that developer can just install “Advanced File Manager” plugin and access my public root directory! which means directories outside current wordpress installation that’s including my main site!
Should I just revoke his access to the clone site ? but I don’t know another method to make him do the job, can you recommend something else more safer?
[ad_2]