Has my website been compromised?

I made a post on LinkedIn asking for help updating and maintaining my website?

One random person got back to me and offered to help and we had a call a few days later to discuss what I needed done and I gave him admin access to my website over the phone.

A couple hours later he message me telling me most of the work was completed but he never gave me a quote and didn’t ask for approval prior to starting.

I thought that was sketchy and was scared that he was going to hack my site for a large ransom and went straight home to make sure I was still an Admin and logged him out immediately.

Since I last checked I am still able to admin my site and it is live.

He apologized for spooking me and told me he would just charged $25/hr for 2 hours of labor, which I think is a reasonable rate.

I asked him to send me his PayPal and invoice for the work and he agreed.

It’s now been over 24hrs and I haven’t heard anything back. Seems weird that he would not want to get paid asap.

Do you think he might have done something nefarious to my site?

How do I make sure I haven’t been compromised and he didn’t plant some code/virus that could be damaging?

I don’t know much about how websites work but don’t want anything bad happening…

8 Comments
  1. Yeah it looks like he did most of the initial tasks with one not item not yet resolved

  2. I wouldn’t think much of it. Just make sure you pay him and change your password once the work is complete.

    Just ensure in the future you do some due diligence, especially if you host or collect any client or customer information that is stored on your website.

  3. That is just some random guy not necessarily after money. That is something I randomly could do and would not especialy be in a hurry to give you my payment info.

    Be sure to keep a backup before he did the work, but it’s probably safe.

  4. Install WordFence and scan your website. That will take care of 99% of things someone could do with that access.

    I often do work for people like that. I don’t charge if it is a quick fix, often I am just trying to establish a working relationship. I am picky about who I will do that with though. You really need to be more careful about who you trust your website with. Especially if there is any client data on it.

  5. Totally get why you’d be worried after giving someone admin access like that. Anyway, you can do something:
    1. change all your passwords (like for your database or FTP) if you are worried about their behavior
    2. Or, you can try with a good security scanner to check for (known) malwares. Wordfence is a managed product you can try
    3. If you are techie enough you can try with Lynis or ClamAV which are open-source and you can run them yourself
    4. If you are still unsure about what that guy did, the _only_ sure way unfortunately is to perform a backup, complete wipe and reinstall of the website

    Anyway for the future, I would suggest to use tools that can check for vulnerabilities or if your website needs some updates externally without having to give someone credentials to your website. Shameless plug, I am building https://internetguardian.io to help people find out if their website have security vulnerabilities and identify next steps

 

This site will teach you how to build a WordPress website for beginners. We will cover everything from installing WordPress to adding pages, posts, and images to your site. You will learn how to customize your site with themes and plugins, as well as how to market your site online.

Buy WordPress Transfer