Some background: My tech company hosts WordPress websites in addition to building them as part of our services list and we’re pretty stringent about both security and keeping track of all activities on the websites generally, specifically for reasons like this.
This client hired a random UX designer in Brazil (you can probably see where this going already) to build some landing pages. A bit odd that they didn’t go through us but not too unusual. Client requested that I give the UX designer administrative access to the website, which I granted since the client authorized it.
Then this morning I got a frantic call from the COO, saying that the header and footer were missing on the website (it’s Elementor).
A few clicks of Simple History later and we discovered the culprit immediately. This UX designer had logged in at 4:30 AM (our time), made some changes, and had inexplicably disabled the header everywhere, and had deleted the footer entirely. Thankfully in addition to our record-keeping we keep daily backups, so a few mouse clicks later we were back to normal.
I’m not going to tell the client “I told you so” since the vindication from this is satisfying enough. I’m still a little amazed, considering if I logged into a client’s website, tampered with it like this and then logged out with no explanation I’d expect to be fired.
Moral of the story: Keep backups AND history logs.
[ad_2]